//===----------------------------------------------------------------------===//
//
// This source file is part of the Soto for AWS open source project
//
// Copyright (c) 2017-2021 the Soto project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of Soto project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

// THIS FILE IS AUTOMATICALLY GENERATED by https://github.com/soto-project/soto/tree/main/CodeGenerator. DO NOT EDIT.

import Foundation
import SotoCore

extension SecurityHub {
    // MARK: Enums

    public enum AdminStatus: String, CustomStringConvertible, Codable {
        case disableInProgress = "DISABLE_IN_PROGRESS"
        case enabled = "ENABLED"
        public var description: String { return self.rawValue }
    }

    public enum AwsIamAccessKeyStatus: String, CustomStringConvertible, Codable {
        case active = "Active"
        case inactive = "Inactive"
        public var description: String { return self.rawValue }
    }

    public enum ComplianceStatus: String, CustomStringConvertible, Codable {
        case failed = "FAILED"
        case notAvailable = "NOT_AVAILABLE"
        case passed = "PASSED"
        case warning = "WARNING"
        public var description: String { return self.rawValue }
    }

    public enum ControlStatus: String, CustomStringConvertible, Codable {
        case disabled = "DISABLED"
        case enabled = "ENABLED"
        public var description: String { return self.rawValue }
    }

    public enum DateRangeUnit: String, CustomStringConvertible, Codable {
        case days = "DAYS"
        public var description: String { return self.rawValue }
    }

    public enum IntegrationType: String, CustomStringConvertible, Codable {
        case receiveFindingsFromSecurityHub = "RECEIVE_FINDINGS_FROM_SECURITY_HUB"
        case sendFindingsToSecurityHub = "SEND_FINDINGS_TO_SECURITY_HUB"
        public var description: String { return self.rawValue }
    }

    public enum MalwareState: String, CustomStringConvertible, Codable {
        case observed = "OBSERVED"
        case removalFailed = "REMOVAL_FAILED"
        case removed = "REMOVED"
        public var description: String { return self.rawValue }
    }

    public enum MalwareType: String, CustomStringConvertible, Codable {
        case adware = "ADWARE"
        case blendedThreat = "BLENDED_THREAT"
        case botnetAgent = "BOTNET_AGENT"
        case coinMiner = "COIN_MINER"
        case exploitKit = "EXPLOIT_KIT"
        case keylogger = "KEYLOGGER"
        case macro = "MACRO"
        case potentiallyUnwanted = "POTENTIALLY_UNWANTED"
        case ransomware = "RANSOMWARE"
        case remoteAccess = "REMOTE_ACCESS"
        case rootkit = "ROOTKIT"
        case spyware = "SPYWARE"
        case trojan = "TROJAN"
        case virus = "VIRUS"
        case worm = "WORM"
        public var description: String { return self.rawValue }
    }

    public enum MapFilterComparison: String, CustomStringConvertible, Codable {
        case equals = "EQUALS"
        case notEquals = "NOT_EQUALS"
        public var description: String { return self.rawValue }
    }

    public enum NetworkDirection: String, CustomStringConvertible, Codable {
        case `in` = "IN"
        case out = "OUT"
        public var description: String { return self.rawValue }
    }

    public enum Partition: String, CustomStringConvertible, Codable {
        case aws
        case awsCn = "aws-cn"
        case awsUsGov = "aws-us-gov"
        public var description: String { return self.rawValue }
    }

    public enum RecordState: String, CustomStringConvertible, Codable {
        case active = "ACTIVE"
        case archived = "ARCHIVED"
        public var description: String { return self.rawValue }
    }

    public enum SeverityLabel: String, CustomStringConvertible, Codable {
        case critical = "CRITICAL"
        case high = "HIGH"
        case informational = "INFORMATIONAL"
        case low = "LOW"
        case medium = "MEDIUM"
        public var description: String { return self.rawValue }
    }

    public enum SeverityRating: String, CustomStringConvertible, Codable {
        case critical = "CRITICAL"
        case high = "HIGH"
        case low = "LOW"
        case medium = "MEDIUM"
        public var description: String { return self.rawValue }
    }

    public enum SortOrder: String, CustomStringConvertible, Codable {
        case asc
        case desc
        public var description: String { return self.rawValue }
    }

    public enum StandardsStatus: String, CustomStringConvertible, Codable {
        case deleting = "DELETING"
        case failed = "FAILED"
        case incomplete = "INCOMPLETE"
        case pending = "PENDING"
        case ready = "READY"
        public var description: String { return self.rawValue }
    }

    public enum StringFilterComparison: String, CustomStringConvertible, Codable {
        case equals = "EQUALS"
        case notEquals = "NOT_EQUALS"
        case prefix = "PREFIX"
        case prefixNotEquals = "PREFIX_NOT_EQUALS"
        public var description: String { return self.rawValue }
    }

    public enum ThreatIntelIndicatorCategory: String, CustomStringConvertible, Codable {
        case backdoor = "BACKDOOR"
        case cardStealer = "CARD_STEALER"
        case commandAndControl = "COMMAND_AND_CONTROL"
        case dropSite = "DROP_SITE"
        case exploitSite = "EXPLOIT_SITE"
        case keylogger = "KEYLOGGER"
        public var description: String { return self.rawValue }
    }

    public enum ThreatIntelIndicatorType: String, CustomStringConvertible, Codable {
        case domain = "DOMAIN"
        case emailAddress = "EMAIL_ADDRESS"
        case hashMd5 = "HASH_MD5"
        case hashSha1 = "HASH_SHA1"
        case hashSha256 = "HASH_SHA256"
        case hashSha512 = "HASH_SHA512"
        case ipv4Address = "IPV4_ADDRESS"
        case ipv6Address = "IPV6_ADDRESS"
        case mutex = "MUTEX"
        case process = "PROCESS"
        case url = "URL"
        public var description: String { return self.rawValue }
    }

    public enum VerificationState: String, CustomStringConvertible, Codable {
        case benignPositive = "BENIGN_POSITIVE"
        case falsePositive = "FALSE_POSITIVE"
        case truePositive = "TRUE_POSITIVE"
        case unknown = "UNKNOWN"
        public var description: String { return self.rawValue }
    }

    public enum WorkflowState: String, CustomStringConvertible, Codable {
        case assigned = "ASSIGNED"
        case deferred = "DEFERRED"
        case inProgress = "IN_PROGRESS"
        case new = "NEW"
        case resolved = "RESOLVED"
        public var description: String { return self.rawValue }
    }

    public enum WorkflowStatus: String, CustomStringConvertible, Codable {
        case new = "NEW"
        case notified = "NOTIFIED"
        case resolved = "RESOLVED"
        case suppressed = "SUPPRESSED"
        public var description: String { return self.rawValue }
    }

    // MARK: Shapes

    public struct AcceptInvitationRequest: AWSEncodableShape {
        /// The ID of the invitation sent from the Security Hub master account.
        public let invitationId: String
        /// The account ID of the Security Hub master account that sent the invitation.
        public let masterId: String

        public init(invitationId: String, masterId: String) {
            self.invitationId = invitationId
            self.masterId = masterId
        }

        public func validate(name: String) throws {
            try self.validate(self.invitationId, name: "invitationId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterId, name: "masterId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case invitationId = "InvitationId"
            case masterId = "MasterId"
        }
    }

    public struct AcceptInvitationResponse: AWSDecodableShape {
        public init() {}
    }

    public struct AccountDetails: AWSEncodableShape {
        /// The ID of an AWS account.
        public let accountId: String
        /// The email of an AWS account.
        public let email: String?

        public init(accountId: String, email: String? = nil) {
            self.accountId = accountId
            self.email = email
        }

        public func validate(name: String) throws {
            try self.validate(self.email, name: "email", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case email = "Email"
        }
    }

    public struct Action: AWSEncodableShape & AWSDecodableShape {
        /// The type of action that was detected. The possible action types are:    NETWORK_CONNECTION     AWS_API_CALL     DNS_REQUEST     PORT_PROBE
        public let actionType: String?
        /// Included if ActionType is AWS_API_CALL. Provides details about the API call that was detected.
        public let awsApiCallAction: AwsApiCallAction?
        /// Included if ActionType is DNS_REQUEST. Provides details about the DNS request that was detected.
        public let dnsRequestAction: DnsRequestAction?
        /// Included if ActionType is NETWORK_CONNECTION. Provides details about the network connection that was detected.
        public let networkConnectionAction: NetworkConnectionAction?
        /// Included if ActionType is PORT_PROBE. Provides details about the port probe that was detected.
        public let portProbeAction: PortProbeAction?

        public init(actionType: String? = nil, awsApiCallAction: AwsApiCallAction? = nil, dnsRequestAction: DnsRequestAction? = nil, networkConnectionAction: NetworkConnectionAction? = nil, portProbeAction: PortProbeAction? = nil) {
            self.actionType = actionType
            self.awsApiCallAction = awsApiCallAction
            self.dnsRequestAction = dnsRequestAction
            self.networkConnectionAction = networkConnectionAction
            self.portProbeAction = portProbeAction
        }

        public func validate(name: String) throws {
            try self.validate(self.actionType, name: "actionType", parent: name, pattern: ".*\\S.*")
            try self.awsApiCallAction?.validate(name: "\(name).awsApiCallAction")
            try self.dnsRequestAction?.validate(name: "\(name).dnsRequestAction")
            try self.networkConnectionAction?.validate(name: "\(name).networkConnectionAction")
            try self.portProbeAction?.validate(name: "\(name).portProbeAction")
        }

        private enum CodingKeys: String, CodingKey {
            case actionType = "ActionType"
            case awsApiCallAction = "AwsApiCallAction"
            case dnsRequestAction = "DnsRequestAction"
            case networkConnectionAction = "NetworkConnectionAction"
            case portProbeAction = "PortProbeAction"
        }
    }

    public struct ActionLocalIpDetails: AWSEncodableShape & AWSDecodableShape {
        /// The IP address.
        public let ipAddressV4: String?

        public init(ipAddressV4: String? = nil) {
            self.ipAddressV4 = ipAddressV4
        }

        public func validate(name: String) throws {
            try self.validate(self.ipAddressV4, name: "ipAddressV4", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case ipAddressV4 = "IpAddressV4"
        }
    }

    public struct ActionLocalPortDetails: AWSEncodableShape & AWSDecodableShape {
        /// The number of the port.
        public let port: Int?
        /// The port name of the local connection.
        public let portName: String?

        public init(port: Int? = nil, portName: String? = nil) {
            self.port = port
            self.portName = portName
        }

        public func validate(name: String) throws {
            try self.validate(self.portName, name: "portName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case port = "Port"
            case portName = "PortName"
        }
    }

    public struct ActionRemoteIpDetails: AWSEncodableShape & AWSDecodableShape {
        /// The city where the remote IP address is located.
        public let city: City?
        /// The country where the remote IP address is located.
        public let country: Country?
        /// The coordinates of the location of the remote IP address.
        public let geoLocation: GeoLocation?
        /// The IP address.
        public let ipAddressV4: String?
        /// The internet service provider (ISP) organization associated with the remote IP address.
        public let organization: IpOrganizationDetails?

        public init(city: City? = nil, country: Country? = nil, geoLocation: GeoLocation? = nil, ipAddressV4: String? = nil, organization: IpOrganizationDetails? = nil) {
            self.city = city
            self.country = country
            self.geoLocation = geoLocation
            self.ipAddressV4 = ipAddressV4
            self.organization = organization
        }

        public func validate(name: String) throws {
            try self.city?.validate(name: "\(name).city")
            try self.country?.validate(name: "\(name).country")
            try self.validate(self.ipAddressV4, name: "ipAddressV4", parent: name, pattern: ".*\\S.*")
            try self.organization?.validate(name: "\(name).organization")
        }

        private enum CodingKeys: String, CodingKey {
            case city = "City"
            case country = "Country"
            case geoLocation = "GeoLocation"
            case ipAddressV4 = "IpAddressV4"
            case organization = "Organization"
        }
    }

    public struct ActionRemotePortDetails: AWSEncodableShape & AWSDecodableShape {
        /// The number of the port.
        public let port: Int?
        /// The port name of the remote connection.
        public let portName: String?

        public init(port: Int? = nil, portName: String? = nil) {
            self.port = port
            self.portName = portName
        }

        public func validate(name: String) throws {
            try self.validate(self.portName, name: "portName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case port = "Port"
            case portName = "PortName"
        }
    }

    public struct ActionTarget: AWSDecodableShape {
        /// The ARN for the target action.
        public let actionTargetArn: String
        /// The description of the target action.
        public let description: String
        /// The name of the action target.
        public let name: String

        public init(actionTargetArn: String, description: String, name: String) {
            self.actionTargetArn = actionTargetArn
            self.description = description
            self.name = name
        }

        private enum CodingKeys: String, CodingKey {
            case actionTargetArn = "ActionTargetArn"
            case description = "Description"
            case name = "Name"
        }
    }

    public struct AdminAccount: AWSDecodableShape {
        /// The AWS account identifier of the Security Hub administrator account.
        public let accountId: String?
        /// The current status of the Security Hub administrator account. Indicates whether the account is currently enabled as a Security Hub administrator.
        public let status: AdminStatus?

        public init(accountId: String? = nil, status: AdminStatus? = nil) {
            self.accountId = accountId
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case status = "Status"
        }
    }

    public struct AvailabilityZone: AWSEncodableShape & AWSDecodableShape {
        /// The ID of the subnet. You can specify one subnet per Availability Zone.
        public let subnetId: String?
        /// The name of the Availability Zone.
        public let zoneName: String?

        public init(subnetId: String? = nil, zoneName: String? = nil) {
            self.subnetId = subnetId
            self.zoneName = zoneName
        }

        public func validate(name: String) throws {
            try self.validate(self.subnetId, name: "subnetId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.zoneName, name: "zoneName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case subnetId = "SubnetId"
            case zoneName = "ZoneName"
        }
    }

    public struct AwsApiCallAction: AWSEncodableShape & AWSDecodableShape {
        /// Identifies the resources that were affected by the API call.
        public let affectedResources: [String: String]?
        /// The name of the API method that was issued.
        public let api: String?
        /// Indicates whether the API call originated from a remote IP address (remoteip) or from a DNS domain (domain).
        public let callerType: String?
        /// Provided if CallerType is domain. Provides information about the DNS domain that the API call originated from.
        public let domainDetails: AwsApiCallActionDomainDetails?
        /// An ISO8601-formatted timestamp that indicates when the API call was first observed.
        public let firstSeen: String?
        /// An ISO8601-formatted timestamp that indicates when the API call was most recently observed.
        public let lastSeen: String?
        /// Provided if CallerType is remoteIp. Provides information about the remote IP address that the API call originated from.
        public let remoteIpDetails: ActionRemoteIpDetails?
        /// The name of the AWS service that the API method belongs to.
        public let serviceName: String?

        public init(affectedResources: [String: String]? = nil, api: String? = nil, callerType: String? = nil, domainDetails: AwsApiCallActionDomainDetails? = nil, firstSeen: String? = nil, lastSeen: String? = nil, remoteIpDetails: ActionRemoteIpDetails? = nil, serviceName: String? = nil) {
            self.affectedResources = affectedResources
            self.api = api
            self.callerType = callerType
            self.domainDetails = domainDetails
            self.firstSeen = firstSeen
            self.lastSeen = lastSeen
            self.remoteIpDetails = remoteIpDetails
            self.serviceName = serviceName
        }

        public func validate(name: String) throws {
            try self.affectedResources?.forEach {
                try validate($0.key, name: "affectedResources.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "affectedResources[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.api, name: "api", parent: name, pattern: ".*\\S.*")
            try self.validate(self.callerType, name: "callerType", parent: name, pattern: ".*\\S.*")
            try self.domainDetails?.validate(name: "\(name).domainDetails")
            try self.validate(self.firstSeen, name: "firstSeen", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastSeen, name: "lastSeen", parent: name, pattern: ".*\\S.*")
            try self.remoteIpDetails?.validate(name: "\(name).remoteIpDetails")
            try self.validate(self.serviceName, name: "serviceName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case affectedResources = "AffectedResources"
            case api = "Api"
            case callerType = "CallerType"
            case domainDetails = "DomainDetails"
            case firstSeen = "FirstSeen"
            case lastSeen = "LastSeen"
            case remoteIpDetails = "RemoteIpDetails"
            case serviceName = "ServiceName"
        }
    }

    public struct AwsApiCallActionDomainDetails: AWSEncodableShape & AWSDecodableShape {
        /// The name of the DNS domain that issued the API call.
        public let domain: String?

        public init(domain: String? = nil) {
            self.domain = domain
        }

        public func validate(name: String) throws {
            try self.validate(self.domain, name: "domain", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case domain = "Domain"
        }
    }

    public struct AwsApiGatewayAccessLogSettings: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the CloudWatch Logs log group that receives the access logs.
        public let destinationArn: String?
        /// A single-line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId.
        public let format: String?

        public init(destinationArn: String? = nil, format: String? = nil) {
            self.destinationArn = destinationArn
            self.format = format
        }

        public func validate(name: String) throws {
            try self.validate(self.destinationArn, name: "destinationArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.format, name: "format", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case destinationArn = "DestinationArn"
            case format = "Format"
        }
    }

    public struct AwsApiGatewayCanarySettings: AWSEncodableShape & AWSDecodableShape {
        /// The deployment identifier for the canary deployment.
        public let deploymentId: String?
        /// The percentage of traffic that is diverted to a canary deployment.
        public let percentTraffic: Double?
        /// Stage variables that are overridden in the canary release deployment. The variables include new stage variables that are introduced in the canary. Each variable is represented as a string-to-string map between the stage variable name and the variable value.
        public let stageVariableOverrides: [String: String]?
        /// Indicates whether the canary deployment uses the stage cache.
        public let useStageCache: Bool?

        public init(deploymentId: String? = nil, percentTraffic: Double? = nil, stageVariableOverrides: [String: String]? = nil, useStageCache: Bool? = nil) {
            self.deploymentId = deploymentId
            self.percentTraffic = percentTraffic
            self.stageVariableOverrides = stageVariableOverrides
            self.useStageCache = useStageCache
        }

        public func validate(name: String) throws {
            try self.validate(self.deploymentId, name: "deploymentId", parent: name, pattern: ".*\\S.*")
            try self.stageVariableOverrides?.forEach {
                try validate($0.key, name: "stageVariableOverrides.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "stageVariableOverrides[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case deploymentId = "DeploymentId"
            case percentTraffic = "PercentTraffic"
            case stageVariableOverrides = "StageVariableOverrides"
            case useStageCache = "UseStageCache"
        }
    }

    public struct AwsApiGatewayEndpointConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// A list of endpoint types for the REST API. For an edge-optimized API, the endpoint type is EDGE. For a Regional API, the endpoint type is REGIONAL. For a private API, the endpoint type is PRIVATE.
        public let types: [String]?

        public init(types: [String]? = nil) {
            self.types = types
        }

        public func validate(name: String) throws {
            try self.types?.forEach {
                try validate($0, name: "types[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case types = "Types"
        }
    }

    public struct AwsApiGatewayMethodSettings: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether the cached responses are encrypted.
        public let cacheDataEncrypted: Bool?
        /// Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response is cached.
        public let cacheTtlInSeconds: Int?
        /// Indicates whether responses are cached and returned for requests. For responses to be cached, a cache cluster must be enabled on the stage.
        public let cachingEnabled: Bool?
        /// Indicates whether data trace logging is enabled for the method. Data trace logging affects the log entries that are pushed to CloudWatch Logs.
        public let dataTraceEnabled: Bool?
        /// The HTTP method. You can use an asterisk (*) as a wildcard to apply method settings to multiple methods.
        public let httpMethod: String?
        /// The logging level for this method. The logging level affects the log entries that are pushed to CloudWatch Logs. If the logging level is ERROR, then the logs only include error-level entries. If the logging level is INFO, then the logs include both ERROR events and extra informational events. Valid values: OFF | ERROR | INFO
        public let loggingLevel: String?
        /// Indicates whether CloudWatch metrics are enabled for the method.
        public let metricsEnabled: Bool?
        /// Indicates whether authorization is required for a cache invalidation request.
        public let requireAuthorizationForCacheControl: Bool?
        /// The resource path for this method. Forward slashes (/) are encoded as ~1 . The initial slash must include a forward slash. For example, the path value /resource/subresource must be encoded as /~1resource~1subresource. To specify the root path, use only a slash (/). You can use an asterisk (*) as a wildcard to apply method settings to multiple methods.
        public let resourcePath: String?
        /// The throttling burst limit for the method.
        public let throttlingBurstLimit: Int?
        /// The throttling rate limit for the method.
        public let throttlingRateLimit: Double?
        /// Indicates how to handle unauthorized requests for cache invalidation. Valid values: FAIL_WITH_403 | SUCCEED_WITH_RESPONSE_HEADER | SUCCEED_WITHOUT_RESPONSE_HEADER
        public let unauthorizedCacheControlHeaderStrategy: String?

        public init(cacheDataEncrypted: Bool? = nil, cacheTtlInSeconds: Int? = nil, cachingEnabled: Bool? = nil, dataTraceEnabled: Bool? = nil, httpMethod: String? = nil, loggingLevel: String? = nil, metricsEnabled: Bool? = nil, requireAuthorizationForCacheControl: Bool? = nil, resourcePath: String? = nil, throttlingBurstLimit: Int? = nil, throttlingRateLimit: Double? = nil, unauthorizedCacheControlHeaderStrategy: String? = nil) {
            self.cacheDataEncrypted = cacheDataEncrypted
            self.cacheTtlInSeconds = cacheTtlInSeconds
            self.cachingEnabled = cachingEnabled
            self.dataTraceEnabled = dataTraceEnabled
            self.httpMethod = httpMethod
            self.loggingLevel = loggingLevel
            self.metricsEnabled = metricsEnabled
            self.requireAuthorizationForCacheControl = requireAuthorizationForCacheControl
            self.resourcePath = resourcePath
            self.throttlingBurstLimit = throttlingBurstLimit
            self.throttlingRateLimit = throttlingRateLimit
            self.unauthorizedCacheControlHeaderStrategy = unauthorizedCacheControlHeaderStrategy
        }

        public func validate(name: String) throws {
            try self.validate(self.httpMethod, name: "httpMethod", parent: name, pattern: ".*\\S.*")
            try self.validate(self.loggingLevel, name: "loggingLevel", parent: name, pattern: ".*\\S.*")
            try self.validate(self.resourcePath, name: "resourcePath", parent: name, pattern: ".*\\S.*")
            try self.validate(self.unauthorizedCacheControlHeaderStrategy, name: "unauthorizedCacheControlHeaderStrategy", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cacheDataEncrypted = "CacheDataEncrypted"
            case cacheTtlInSeconds = "CacheTtlInSeconds"
            case cachingEnabled = "CachingEnabled"
            case dataTraceEnabled = "DataTraceEnabled"
            case httpMethod = "HttpMethod"
            case loggingLevel = "LoggingLevel"
            case metricsEnabled = "MetricsEnabled"
            case requireAuthorizationForCacheControl = "RequireAuthorizationForCacheControl"
            case resourcePath = "ResourcePath"
            case throttlingBurstLimit = "ThrottlingBurstLimit"
            case throttlingRateLimit = "ThrottlingRateLimit"
            case unauthorizedCacheControlHeaderStrategy = "UnauthorizedCacheControlHeaderStrategy"
        }
    }

    public struct AwsApiGatewayRestApiDetails: AWSEncodableShape & AWSDecodableShape {
        /// The source of the API key for metering requests according to a usage plan.  HEADER indicates whether to read the API key from the X-API-Key header of a request.  AUTHORIZER indicates whether to read the API key from the UsageIdentifierKey from a custom authorizer.
        public let apiKeySource: String?
        /// The list of binary media types supported by the REST API.
        public let binaryMediaTypes: [String]?
        /// Indicates when the API was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdDate: String?
        /// A description of the REST API.
        public let description: String?
        /// The endpoint configuration of the REST API.
        public let endpointConfiguration: AwsApiGatewayEndpointConfiguration?
        /// The identifier of the REST API.
        public let id: String?
        /// The minimum size in bytes of a payload before compression is enabled. If null, then compression is disabled. If 0, then all payloads are compressed.
        public let minimumCompressionSize: Int?
        /// The name of the REST API.
        public let name: String?
        /// The version identifier for the REST API.
        public let version: String?

        public init(apiKeySource: String? = nil, binaryMediaTypes: [String]? = nil, createdDate: String? = nil, description: String? = nil, endpointConfiguration: AwsApiGatewayEndpointConfiguration? = nil, id: String? = nil, minimumCompressionSize: Int? = nil, name: String? = nil, version: String? = nil) {
            self.apiKeySource = apiKeySource
            self.binaryMediaTypes = binaryMediaTypes
            self.createdDate = createdDate
            self.description = description
            self.endpointConfiguration = endpointConfiguration
            self.id = id
            self.minimumCompressionSize = minimumCompressionSize
            self.name = name
            self.version = version
        }

        public func validate(name: String) throws {
            try self.validate(self.apiKeySource, name: "apiKeySource", parent: name, pattern: ".*\\S.*")
            try self.binaryMediaTypes?.forEach {
                try validate($0, name: "binaryMediaTypes[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.createdDate, name: "createdDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.endpointConfiguration?.validate(name: "\(name).endpointConfiguration")
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.version, name: "version", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case apiKeySource = "ApiKeySource"
            case binaryMediaTypes = "BinaryMediaTypes"
            case createdDate = "CreatedDate"
            case description = "Description"
            case endpointConfiguration = "EndpointConfiguration"
            case id = "Id"
            case minimumCompressionSize = "MinimumCompressionSize"
            case name = "Name"
            case version = "Version"
        }
    }

    public struct AwsApiGatewayStageDetails: AWSEncodableShape & AWSDecodableShape {
        /// Settings for logging access for the stage.
        public let accessLogSettings: AwsApiGatewayAccessLogSettings?
        /// Indicates whether a cache cluster is enabled for the stage.
        public let cacheClusterEnabled: Bool?
        /// If a cache cluster is enabled, the size of the cache cluster.
        public let cacheClusterSize: String?
        /// If a cache cluster is enabled, the status of the cache cluster.
        public let cacheClusterStatus: String?
        /// Information about settings for canary deployment in the stage.
        public let canarySettings: AwsApiGatewayCanarySettings?
        /// The identifier of the client certificate for the stage.
        public let clientCertificateId: String?
        /// Indicates when the stage was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdDate: String?
        /// The identifier of the deployment that the stage points to.
        public let deploymentId: String?
        /// A description of the stage.
        public let description: String?
        /// The version of the API documentation that is associated with the stage.
        public let documentationVersion: String?
        /// Indicates when the stage was most recently updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastUpdatedDate: String?
        /// Defines the method settings for the stage.
        public let methodSettings: [AwsApiGatewayMethodSettings]?
        /// The name of the stage.
        public let stageName: String?
        /// Indicates whether active tracing with AWS X-Ray is enabled for the stage.
        public let tracingEnabled: Bool?
        /// A map that defines the stage variables for the stage. Variable names can have alphanumeric and underscore characters. Variable values can contain the following characters:   Uppercase and lowercase letters   Numbers   Special characters -._~:/?#&amp;=,
        public let variables: [String: String]?
        /// The ARN of the web ACL associated with the stage.
        public let webAclArn: String?

        public init(accessLogSettings: AwsApiGatewayAccessLogSettings? = nil, cacheClusterEnabled: Bool? = nil, cacheClusterSize: String? = nil, cacheClusterStatus: String? = nil, canarySettings: AwsApiGatewayCanarySettings? = nil, clientCertificateId: String? = nil, createdDate: String? = nil, deploymentId: String? = nil, description: String? = nil, documentationVersion: String? = nil, lastUpdatedDate: String? = nil, methodSettings: [AwsApiGatewayMethodSettings]? = nil, stageName: String? = nil, tracingEnabled: Bool? = nil, variables: [String: String]? = nil, webAclArn: String? = nil) {
            self.accessLogSettings = accessLogSettings
            self.cacheClusterEnabled = cacheClusterEnabled
            self.cacheClusterSize = cacheClusterSize
            self.cacheClusterStatus = cacheClusterStatus
            self.canarySettings = canarySettings
            self.clientCertificateId = clientCertificateId
            self.createdDate = createdDate
            self.deploymentId = deploymentId
            self.description = description
            self.documentationVersion = documentationVersion
            self.lastUpdatedDate = lastUpdatedDate
            self.methodSettings = methodSettings
            self.stageName = stageName
            self.tracingEnabled = tracingEnabled
            self.variables = variables
            self.webAclArn = webAclArn
        }

        public func validate(name: String) throws {
            try self.accessLogSettings?.validate(name: "\(name).accessLogSettings")
            try self.validate(self.cacheClusterSize, name: "cacheClusterSize", parent: name, pattern: ".*\\S.*")
            try self.validate(self.cacheClusterStatus, name: "cacheClusterStatus", parent: name, pattern: ".*\\S.*")
            try self.canarySettings?.validate(name: "\(name).canarySettings")
            try self.validate(self.clientCertificateId, name: "clientCertificateId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.createdDate, name: "createdDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.deploymentId, name: "deploymentId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.documentationVersion, name: "documentationVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastUpdatedDate, name: "lastUpdatedDate", parent: name, pattern: ".*\\S.*")
            try self.methodSettings?.forEach {
                try $0.validate(name: "\(name).methodSettings[]")
            }
            try self.validate(self.stageName, name: "stageName", parent: name, pattern: ".*\\S.*")
            try self.variables?.forEach {
                try validate($0.key, name: "variables.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "variables[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.webAclArn, name: "webAclArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case accessLogSettings = "AccessLogSettings"
            case cacheClusterEnabled = "CacheClusterEnabled"
            case cacheClusterSize = "CacheClusterSize"
            case cacheClusterStatus = "CacheClusterStatus"
            case canarySettings = "CanarySettings"
            case clientCertificateId = "ClientCertificateId"
            case createdDate = "CreatedDate"
            case deploymentId = "DeploymentId"
            case description = "Description"
            case documentationVersion = "DocumentationVersion"
            case lastUpdatedDate = "LastUpdatedDate"
            case methodSettings = "MethodSettings"
            case stageName = "StageName"
            case tracingEnabled = "TracingEnabled"
            case variables = "Variables"
            case webAclArn = "WebAclArn"
        }
    }

    public struct AwsApiGatewayV2ApiDetails: AWSEncodableShape & AWSDecodableShape {
        /// The URI of the API.  Uses the format  &lt;api-id&gt;.execute-api.&lt;region&gt;.amazonaws.com  The stage name is typically appended to the URI to form a complete path to a deployed API stage.
        public let apiEndpoint: String?
        /// The identifier of the API.
        public let apiId: String?
        /// An API key selection expression. Supported only for WebSocket APIs.
        public let apiKeySelectionExpression: String?
        /// A cross-origin resource sharing (CORS) configuration. Supported only for HTTP APIs.
        public let corsConfiguration: AwsCorsConfiguration?
        /// Indicates when the API was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdDate: String?
        /// A description of the API.
        public let description: String?
        /// The name of the API.
        public let name: String?
        /// The API protocol for the API. Valid values: WEBSOCKET | HTTP
        public let protocolType: String?
        /// The route selection expression for the API. For HTTP APIs, must be ${request.method} ${request.path}. This is the default value for HTTP APIs. For WebSocket APIs, there is no default value.
        public let routeSelectionExpression: String?
        /// The version identifier for the API.
        public let version: String?

        public init(apiEndpoint: String? = nil, apiId: String? = nil, apiKeySelectionExpression: String? = nil, corsConfiguration: AwsCorsConfiguration? = nil, createdDate: String? = nil, description: String? = nil, name: String? = nil, protocolType: String? = nil, routeSelectionExpression: String? = nil, version: String? = nil) {
            self.apiEndpoint = apiEndpoint
            self.apiId = apiId
            self.apiKeySelectionExpression = apiKeySelectionExpression
            self.corsConfiguration = corsConfiguration
            self.createdDate = createdDate
            self.description = description
            self.name = name
            self.protocolType = protocolType
            self.routeSelectionExpression = routeSelectionExpression
            self.version = version
        }

        public func validate(name: String) throws {
            try self.validate(self.apiEndpoint, name: "apiEndpoint", parent: name, pattern: ".*\\S.*")
            try self.validate(self.apiId, name: "apiId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.apiKeySelectionExpression, name: "apiKeySelectionExpression", parent: name, pattern: ".*\\S.*")
            try self.corsConfiguration?.validate(name: "\(name).corsConfiguration")
            try self.validate(self.createdDate, name: "createdDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.protocolType, name: "protocolType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.routeSelectionExpression, name: "routeSelectionExpression", parent: name, pattern: ".*\\S.*")
            try self.validate(self.version, name: "version", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case apiEndpoint = "ApiEndpoint"
            case apiId = "ApiId"
            case apiKeySelectionExpression = "ApiKeySelectionExpression"
            case corsConfiguration = "CorsConfiguration"
            case createdDate = "CreatedDate"
            case description = "Description"
            case name = "Name"
            case protocolType = "ProtocolType"
            case routeSelectionExpression = "RouteSelectionExpression"
            case version = "Version"
        }
    }

    public struct AwsApiGatewayV2RouteSettings: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether data trace logging is enabled. Data trace logging affects the log entries that are pushed to CloudWatch Logs. Supported only for WebSocket APIs.
        public let dataTraceEnabled: Bool?
        /// Indicates whether detailed metrics are enabled.
        public let detailedMetricsEnabled: Bool?
        /// The logging level. The logging level affects the log entries that are pushed to CloudWatch Logs. Supported only for WebSocket APIs. If the logging level is ERROR, then the logs only include error-level entries. If the logging level is INFO, then the logs include both ERROR events and extra informational events. Valid values: OFF | ERROR | INFO
        public let loggingLevel: String?
        /// The throttling burst limit.
        public let throttlingBurstLimit: Int?
        /// The throttling rate limit.
        public let throttlingRateLimit: Double?

        public init(dataTraceEnabled: Bool? = nil, detailedMetricsEnabled: Bool? = nil, loggingLevel: String? = nil, throttlingBurstLimit: Int? = nil, throttlingRateLimit: Double? = nil) {
            self.dataTraceEnabled = dataTraceEnabled
            self.detailedMetricsEnabled = detailedMetricsEnabled
            self.loggingLevel = loggingLevel
            self.throttlingBurstLimit = throttlingBurstLimit
            self.throttlingRateLimit = throttlingRateLimit
        }

        public func validate(name: String) throws {
            try self.validate(self.loggingLevel, name: "loggingLevel", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case dataTraceEnabled = "DataTraceEnabled"
            case detailedMetricsEnabled = "DetailedMetricsEnabled"
            case loggingLevel = "LoggingLevel"
            case throttlingBurstLimit = "ThrottlingBurstLimit"
            case throttlingRateLimit = "ThrottlingRateLimit"
        }
    }

    public struct AwsApiGatewayV2StageDetails: AWSEncodableShape & AWSDecodableShape {
        /// Information about settings for logging access for the stage.
        public let accessLogSettings: AwsApiGatewayAccessLogSettings?
        /// Indicates whether the stage is managed by API Gateway.
        public let apiGatewayManaged: Bool?
        /// Indicates whether updates to an API automatically trigger a new deployment.
        public let autoDeploy: Bool?
        /// Indicates when the stage was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdDate: String?
        /// Default route settings for the stage.
        public let defaultRouteSettings: AwsApiGatewayV2RouteSettings?
        /// The identifier of the deployment that the stage is associated with.
        public let deploymentId: String?
        /// The description of the stage.
        public let description: String?
        /// The status of the last deployment of a stage. Supported only if the stage has automatic deployment enabled.
        public let lastDeploymentStatusMessage: String?
        /// Indicates when the stage was most recently updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastUpdatedDate: String?
        /// The route settings for the stage.
        public let routeSettings: AwsApiGatewayV2RouteSettings?
        /// The name of the stage.
        public let stageName: String?
        /// A map that defines the stage variables for the stage. Variable names can have alphanumeric and underscore characters. Variable values can contain the following characters:   Uppercase and lowercase letters   Numbers   Special characters -._~:/?#&amp;=,
        public let stageVariables: [String: String]?

        public init(accessLogSettings: AwsApiGatewayAccessLogSettings? = nil, apiGatewayManaged: Bool? = nil, autoDeploy: Bool? = nil, createdDate: String? = nil, defaultRouteSettings: AwsApiGatewayV2RouteSettings? = nil, deploymentId: String? = nil, description: String? = nil, lastDeploymentStatusMessage: String? = nil, lastUpdatedDate: String? = nil, routeSettings: AwsApiGatewayV2RouteSettings? = nil, stageName: String? = nil, stageVariables: [String: String]? = nil) {
            self.accessLogSettings = accessLogSettings
            self.apiGatewayManaged = apiGatewayManaged
            self.autoDeploy = autoDeploy
            self.createdDate = createdDate
            self.defaultRouteSettings = defaultRouteSettings
            self.deploymentId = deploymentId
            self.description = description
            self.lastDeploymentStatusMessage = lastDeploymentStatusMessage
            self.lastUpdatedDate = lastUpdatedDate
            self.routeSettings = routeSettings
            self.stageName = stageName
            self.stageVariables = stageVariables
        }

        public func validate(name: String) throws {
            try self.accessLogSettings?.validate(name: "\(name).accessLogSettings")
            try self.validate(self.createdDate, name: "createdDate", parent: name, pattern: ".*\\S.*")
            try self.defaultRouteSettings?.validate(name: "\(name).defaultRouteSettings")
            try self.validate(self.deploymentId, name: "deploymentId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastDeploymentStatusMessage, name: "lastDeploymentStatusMessage", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastUpdatedDate, name: "lastUpdatedDate", parent: name, pattern: ".*\\S.*")
            try self.routeSettings?.validate(name: "\(name).routeSettings")
            try self.validate(self.stageName, name: "stageName", parent: name, pattern: ".*\\S.*")
            try self.stageVariables?.forEach {
                try validate($0.key, name: "stageVariables.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "stageVariables[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accessLogSettings = "AccessLogSettings"
            case apiGatewayManaged = "ApiGatewayManaged"
            case autoDeploy = "AutoDeploy"
            case createdDate = "CreatedDate"
            case defaultRouteSettings = "DefaultRouteSettings"
            case deploymentId = "DeploymentId"
            case description = "Description"
            case lastDeploymentStatusMessage = "LastDeploymentStatusMessage"
            case lastUpdatedDate = "LastUpdatedDate"
            case routeSettings = "RouteSettings"
            case stageName = "StageName"
            case stageVariables = "StageVariables"
        }
    }

    public struct AwsAutoScalingAutoScalingGroupDetails: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when the auto scaling group was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdTime: String?
        /// The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before it checks the health status of an EC2 instance that has come into service.
        public let healthCheckGracePeriod: Int?
        /// The service to use for the health checks.
        public let healthCheckType: String?
        /// The name of the launch configuration.
        public let launchConfigurationName: String?
        /// The list of load balancers associated with the group.
        public let loadBalancerNames: [String]?

        public init(createdTime: String? = nil, healthCheckGracePeriod: Int? = nil, healthCheckType: String? = nil, launchConfigurationName: String? = nil, loadBalancerNames: [String]? = nil) {
            self.createdTime = createdTime
            self.healthCheckGracePeriod = healthCheckGracePeriod
            self.healthCheckType = healthCheckType
            self.launchConfigurationName = launchConfigurationName
            self.loadBalancerNames = loadBalancerNames
        }

        public func validate(name: String) throws {
            try self.validate(self.createdTime, name: "createdTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.healthCheckType, name: "healthCheckType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.launchConfigurationName, name: "launchConfigurationName", parent: name, pattern: ".*\\S.*")
            try self.loadBalancerNames?.forEach {
                try validate($0, name: "loadBalancerNames[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case createdTime = "CreatedTime"
            case healthCheckGracePeriod = "HealthCheckGracePeriod"
            case healthCheckType = "HealthCheckType"
            case launchConfigurationName = "LaunchConfigurationName"
            case loadBalancerNames = "LoadBalancerNames"
        }
    }

    public struct AwsCertificateManagerCertificateDetails: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the private certificate authority (CA) that will be used to issue the certificate.
        public let certificateAuthorityArn: String?
        /// Indicates when the certificate was requested. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdAt: String?
        /// The fully qualified domain name (FQDN), such as www.example.com, that is secured by the certificate.
        public let domainName: String?
        /// Contains information about the initial validation of each domain name that occurs as a result of the RequestCertificate request. Only provided if the certificate type is AMAZON_ISSUED.
        public let domainValidationOptions: [AwsCertificateManagerCertificateDomainValidationOption]?
        /// Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a purpose for which the certificate public key can be used and consists of a name and an object identifier (OID).
        public let extendedKeyUsages: [AwsCertificateManagerCertificateExtendedKeyUsage]?
        /// For a failed certificate request, the reason for the failure. Valid values: NO_AVAILABLE_CONTACTS | ADDITIONAL_VERIFICATION_REQUIRED | DOMAIN_NOT_ALLOWED | INVALID_PUBLIC_DOMAIN | DOMAIN_VALIDATION_DENIED | CAA_ERROR | PCA_LIMIT_EXCEEDED | PCA_INVALID_ARN | PCA_INVALID_STATE | PCA_REQUEST_FAILED | PCA_NAME_CONSTRAINTS_VALIDATION | PCA_RESOURCE_NOT_FOUND | PCA_INVALID_ARGS | PCA_INVALID_DURATION | PCA_ACCESS_DENIED | SLR_NOT_FOUND | OTHER
        public let failureReason: String?
        /// Indicates when the certificate was imported. Provided if the certificate type is IMPORTED. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let importedAt: String?
        /// The list of ARNs for the AWS resources that use the certificate.
        public let inUseBy: [String]?
        /// Indicates when the certificate was issued. Provided if the certificate type is AMAZON_ISSUED. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let issuedAt: String?
        /// The name of the certificate authority that issued and signed the certificate.
        public let issuer: String?
        /// The algorithm that was used to generate the public-private key pair. Valid values: RSA_2048 | RSA_1024 | RSA_4096 | EC_prime256v1 | EC_secp384r1 | EC_secp521r1
        public let keyAlgorithm: String?
        /// A list of key usage X.509 v3 extension objects.
        public let keyUsages: [AwsCertificateManagerCertificateKeyUsage]?
        /// The time after which the certificate becomes invalid. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let notAfter: String?
        /// The time before which the certificate is not valid. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let notBefore: String?
        /// Provides a value that specifies whether to add the certificate to a transparency log.
        public let options: AwsCertificateManagerCertificateOptions?
        /// Whether the certificate is eligible for renewal. Valid values: ELIGIBLE | INELIGIBLE
        public let renewalEligibility: String?
        /// Information about the status of the AWS Certificate Manager managed renewal for the certificate. Provided only when the certificate type is AMAZON_ISSUED.
        public let renewalSummary: AwsCertificateManagerCertificateRenewalSummary?
        /// The serial number of the certificate.
        public let serial: String?
        /// The algorithm that was used to sign the certificate.
        public let signatureAlgorithm: String?
        /// The status of the certificate. Valid values: PENDING_VALIDATION | ISSUED | INACTIVE | EXPIRED | VALIDATION_TIMED_OUT | REVOKED | FAILED
        public let status: String?
        /// The name of the entity that is associated with the public key contained in the certificate.
        public let subject: String?
        /// One or more domain names (subject alternative names) included in the certificate. This list contains the domain names that are bound to the public key that is contained in the certificate. The subject alternative names include the canonical domain name (CN) of the certificate and additional domain names that can be used to connect to the website.
        public let subjectAlternativeNames: [String]?
        /// The source of the certificate. For certificates that AWS Certificate Manager provides, Type is AMAZON_ISSUED. For certificates that are imported with ImportCertificate, Type is IMPORTED. Valid values: IMPORTED | AMAZON_ISSUED | PRIVATE
        public let type: String?

        public init(certificateAuthorityArn: String? = nil, createdAt: String? = nil, domainName: String? = nil, domainValidationOptions: [AwsCertificateManagerCertificateDomainValidationOption]? = nil, extendedKeyUsages: [AwsCertificateManagerCertificateExtendedKeyUsage]? = nil, failureReason: String? = nil, importedAt: String? = nil, inUseBy: [String]? = nil, issuedAt: String? = nil, issuer: String? = nil, keyAlgorithm: String? = nil, keyUsages: [AwsCertificateManagerCertificateKeyUsage]? = nil, notAfter: String? = nil, notBefore: String? = nil, options: AwsCertificateManagerCertificateOptions? = nil, renewalEligibility: String? = nil, renewalSummary: AwsCertificateManagerCertificateRenewalSummary? = nil, serial: String? = nil, signatureAlgorithm: String? = nil, status: String? = nil, subject: String? = nil, subjectAlternativeNames: [String]? = nil, type: String? = nil) {
            self.certificateAuthorityArn = certificateAuthorityArn
            self.createdAt = createdAt
            self.domainName = domainName
            self.domainValidationOptions = domainValidationOptions
            self.extendedKeyUsages = extendedKeyUsages
            self.failureReason = failureReason
            self.importedAt = importedAt
            self.inUseBy = inUseBy
            self.issuedAt = issuedAt
            self.issuer = issuer
            self.keyAlgorithm = keyAlgorithm
            self.keyUsages = keyUsages
            self.notAfter = notAfter
            self.notBefore = notBefore
            self.options = options
            self.renewalEligibility = renewalEligibility
            self.renewalSummary = renewalSummary
            self.serial = serial
            self.signatureAlgorithm = signatureAlgorithm
            self.status = status
            self.subject = subject
            self.subjectAlternativeNames = subjectAlternativeNames
            self.type = type
        }

        public func validate(name: String) throws {
            try self.validate(self.certificateAuthorityArn, name: "certificateAuthorityArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.createdAt, name: "createdAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.domainName, name: "domainName", parent: name, pattern: ".*\\S.*")
            try self.domainValidationOptions?.forEach {
                try $0.validate(name: "\(name).domainValidationOptions[]")
            }
            try self.extendedKeyUsages?.forEach {
                try $0.validate(name: "\(name).extendedKeyUsages[]")
            }
            try self.validate(self.failureReason, name: "failureReason", parent: name, pattern: ".*\\S.*")
            try self.validate(self.importedAt, name: "importedAt", parent: name, pattern: ".*\\S.*")
            try self.inUseBy?.forEach {
                try validate($0, name: "inUseBy[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.issuedAt, name: "issuedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.issuer, name: "issuer", parent: name, pattern: ".*\\S.*")
            try self.validate(self.keyAlgorithm, name: "keyAlgorithm", parent: name, pattern: ".*\\S.*")
            try self.keyUsages?.forEach {
                try $0.validate(name: "\(name).keyUsages[]")
            }
            try self.validate(self.notAfter, name: "notAfter", parent: name, pattern: ".*\\S.*")
            try self.validate(self.notBefore, name: "notBefore", parent: name, pattern: ".*\\S.*")
            try self.options?.validate(name: "\(name).options")
            try self.validate(self.renewalEligibility, name: "renewalEligibility", parent: name, pattern: ".*\\S.*")
            try self.renewalSummary?.validate(name: "\(name).renewalSummary")
            try self.validate(self.serial, name: "serial", parent: name, pattern: ".*\\S.*")
            try self.validate(self.signatureAlgorithm, name: "signatureAlgorithm", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.subject, name: "subject", parent: name, pattern: ".*\\S.*")
            try self.subjectAlternativeNames?.forEach {
                try validate($0, name: "subjectAlternativeNames[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case certificateAuthorityArn = "CertificateAuthorityArn"
            case createdAt = "CreatedAt"
            case domainName = "DomainName"
            case domainValidationOptions = "DomainValidationOptions"
            case extendedKeyUsages = "ExtendedKeyUsages"
            case failureReason = "FailureReason"
            case importedAt = "ImportedAt"
            case inUseBy = "InUseBy"
            case issuedAt = "IssuedAt"
            case issuer = "Issuer"
            case keyAlgorithm = "KeyAlgorithm"
            case keyUsages = "KeyUsages"
            case notAfter = "NotAfter"
            case notBefore = "NotBefore"
            case options = "Options"
            case renewalEligibility = "RenewalEligibility"
            case renewalSummary = "RenewalSummary"
            case serial = "Serial"
            case signatureAlgorithm = "SignatureAlgorithm"
            case status = "Status"
            case subject = "Subject"
            case subjectAlternativeNames = "SubjectAlternativeNames"
            case type = "Type"
        }
    }

    public struct AwsCertificateManagerCertificateDomainValidationOption: AWSEncodableShape & AWSDecodableShape {
        /// A fully qualified domain name (FQDN) in the certificate.
        public let domainName: String?
        /// The CNAME record that is added to the DNS database for domain validation.
        public let resourceRecord: AwsCertificateManagerCertificateResourceRecord?
        /// The domain name that AWS Certificate Manager uses to send domain validation emails.
        public let validationDomain: String?
        /// A list of email addresses that AWS Certificate Manager uses to send domain validation emails.
        public let validationEmails: [String]?
        /// The method used to validate the domain name.
        public let validationMethod: String?
        /// The validation status of the domain name.
        public let validationStatus: String?

        public init(domainName: String? = nil, resourceRecord: AwsCertificateManagerCertificateResourceRecord? = nil, validationDomain: String? = nil, validationEmails: [String]? = nil, validationMethod: String? = nil, validationStatus: String? = nil) {
            self.domainName = domainName
            self.resourceRecord = resourceRecord
            self.validationDomain = validationDomain
            self.validationEmails = validationEmails
            self.validationMethod = validationMethod
            self.validationStatus = validationStatus
        }

        public func validate(name: String) throws {
            try self.validate(self.domainName, name: "domainName", parent: name, pattern: ".*\\S.*")
            try self.resourceRecord?.validate(name: "\(name).resourceRecord")
            try self.validate(self.validationDomain, name: "validationDomain", parent: name, pattern: ".*\\S.*")
            try self.validationEmails?.forEach {
                try validate($0, name: "validationEmails[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.validationMethod, name: "validationMethod", parent: name, pattern: ".*\\S.*")
            try self.validate(self.validationStatus, name: "validationStatus", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case domainName = "DomainName"
            case resourceRecord = "ResourceRecord"
            case validationDomain = "ValidationDomain"
            case validationEmails = "ValidationEmails"
            case validationMethod = "ValidationMethod"
            case validationStatus = "ValidationStatus"
        }
    }

    public struct AwsCertificateManagerCertificateExtendedKeyUsage: AWSEncodableShape & AWSDecodableShape {
        /// The name of an extension value. Indicates the purpose for which the certificate public key can be used.
        public let name: String?
        /// An object identifier (OID) for the extension value. The format is numbers separated by periods.
        public let oId: String?

        public init(name: String? = nil, oId: String? = nil) {
            self.name = name
            self.oId = oId
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.oId, name: "oId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case oId = "OId"
        }
    }

    public struct AwsCertificateManagerCertificateKeyUsage: AWSEncodableShape & AWSDecodableShape {
        /// The key usage extension name.
        public let name: String?

        public init(name: String? = nil) {
            self.name = name
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
        }
    }

    public struct AwsCertificateManagerCertificateOptions: AWSEncodableShape & AWSDecodableShape {
        /// Whether to add the certificate to a transparency log. Valid values: DISABLED | ENABLED
        public let certificateTransparencyLoggingPreference: String?

        public init(certificateTransparencyLoggingPreference: String? = nil) {
            self.certificateTransparencyLoggingPreference = certificateTransparencyLoggingPreference
        }

        public func validate(name: String) throws {
            try self.validate(self.certificateTransparencyLoggingPreference, name: "certificateTransparencyLoggingPreference", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case certificateTransparencyLoggingPreference = "CertificateTransparencyLoggingPreference"
        }
    }

    public struct AwsCertificateManagerCertificateRenewalSummary: AWSEncodableShape & AWSDecodableShape {
        /// Information about the validation of each domain name in the certificate, as it pertains to AWS Certificate Manager managed renewal. Provided only when the certificate type is AMAZON_ISSUED.
        public let domainValidationOptions: [AwsCertificateManagerCertificateDomainValidationOption]?
        /// The status of the AWS Certificate Manager managed renewal of the certificate. Valid values: PENDING_AUTO_RENEWAL | PENDING_VALIDATION | SUCCESS | FAILED
        public let renewalStatus: String?
        /// The reason that a renewal request was unsuccessful. Valid values: NO_AVAILABLE_CONTACTS | ADDITIONAL_VERIFICATION_REQUIRED | DOMAIN_NOT_ALLOWED | INVALID_PUBLIC_DOMAIN | DOMAIN_VALIDATION_DENIED | CAA_ERROR | PCA_LIMIT_EXCEEDED | PCA_INVALID_ARN | PCA_INVALID_STATE | PCA_REQUEST_FAILED | PCA_NAME_CONSTRAINTS_VALIDATION | PCA_RESOURCE_NOT_FOUND | PCA_INVALID_ARGS | PCA_INVALID_DURATION | PCA_ACCESS_DENIED | SLR_NOT_FOUND | OTHER
        public let renewalStatusReason: String?
        /// Indicates when the renewal summary was last updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let updatedAt: String?

        public init(domainValidationOptions: [AwsCertificateManagerCertificateDomainValidationOption]? = nil, renewalStatus: String? = nil, renewalStatusReason: String? = nil, updatedAt: String? = nil) {
            self.domainValidationOptions = domainValidationOptions
            self.renewalStatus = renewalStatus
            self.renewalStatusReason = renewalStatusReason
            self.updatedAt = updatedAt
        }

        public func validate(name: String) throws {
            try self.domainValidationOptions?.forEach {
                try $0.validate(name: "\(name).domainValidationOptions[]")
            }
            try self.validate(self.renewalStatus, name: "renewalStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.renewalStatusReason, name: "renewalStatusReason", parent: name, pattern: ".*\\S.*")
            try self.validate(self.updatedAt, name: "updatedAt", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case domainValidationOptions = "DomainValidationOptions"
            case renewalStatus = "RenewalStatus"
            case renewalStatusReason = "RenewalStatusReason"
            case updatedAt = "UpdatedAt"
        }
    }

    public struct AwsCertificateManagerCertificateResourceRecord: AWSEncodableShape & AWSDecodableShape {
        /// The name of the resource.
        public let name: String?
        /// The type of resource.
        public let type: String?
        /// The value of the resource.
        public let value: String?

        public init(name: String? = nil, type: String? = nil, value: String? = nil) {
            self.name = name
            self.type = type
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
            try self.validate(self.value, name: "value", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case type = "Type"
            case value = "Value"
        }
    }

    public struct AwsCloudFrontDistributionCacheBehavior: AWSEncodableShape & AWSDecodableShape {
        /// The protocol that viewers can use to access the files in an origin. You can specify the following options:    allow-all - Viewers can use HTTP or HTTPS.    redirect-to-https - CloudFront responds to HTTP requests with an HTTP status code of 301 (Moved Permanently) and the HTTPS URL. The viewer then uses the new URL to resubmit.    https-only - CloudFront responds to HTTP request with an HTTP status code of 403 (Forbidden).
        public let viewerProtocolPolicy: String?

        public init(viewerProtocolPolicy: String? = nil) {
            self.viewerProtocolPolicy = viewerProtocolPolicy
        }

        public func validate(name: String) throws {
            try self.validate(self.viewerProtocolPolicy, name: "viewerProtocolPolicy", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case viewerProtocolPolicy = "ViewerProtocolPolicy"
        }
    }

    public struct AwsCloudFrontDistributionCacheBehaviors: AWSEncodableShape & AWSDecodableShape {
        /// The cache behaviors for the distribution.
        public let items: [AwsCloudFrontDistributionCacheBehavior]?

        public init(items: [AwsCloudFrontDistributionCacheBehavior]? = nil) {
            self.items = items
        }

        public func validate(name: String) throws {
            try self.items?.forEach {
                try $0.validate(name: "\(name).items[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case items = "Items"
        }
    }

    public struct AwsCloudFrontDistributionDefaultCacheBehavior: AWSEncodableShape & AWSDecodableShape {
        /// The protocol that viewers can use to access the files in an origin. You can specify the following options:    allow-all - Viewers can use HTTP or HTTPS.    redirect-to-https - CloudFront responds to HTTP requests with an HTTP status code of 301 (Moved Permanently) and the HTTPS URL. The viewer then uses the new URL to resubmit.    https-only - CloudFront responds to HTTP request with an HTTP status code of 403 (Forbidden).
        public let viewerProtocolPolicy: String?

        public init(viewerProtocolPolicy: String? = nil) {
            self.viewerProtocolPolicy = viewerProtocolPolicy
        }

        public func validate(name: String) throws {
            try self.validate(self.viewerProtocolPolicy, name: "viewerProtocolPolicy", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case viewerProtocolPolicy = "ViewerProtocolPolicy"
        }
    }

    public struct AwsCloudFrontDistributionDetails: AWSEncodableShape & AWSDecodableShape {
        /// Provides information about the cache configuration for the distribution.
        public let cacheBehaviors: AwsCloudFrontDistributionCacheBehaviors?
        /// The default cache behavior for the configuration.
        public let defaultCacheBehavior: AwsCloudFrontDistributionDefaultCacheBehavior?
        /// The object that CloudFront sends in response to requests from the origin (for example, index.html) when a viewer requests the root URL for the distribution (http://www.example.com) instead of an object in your distribution (http://www.example.com/product-description.html).
        public let defaultRootObject: String?
        /// The domain name corresponding to the distribution.
        public let domainName: String?
        /// The entity tag is a hash of the object.
        public let eTag: String?
        /// Indicates when that the distribution was last modified. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastModifiedTime: String?
        /// A complex type that controls whether access logs are written for the distribution.
        public let logging: AwsCloudFrontDistributionLogging?
        /// Provides information about the origin groups in the distribution.
        public let originGroups: AwsCloudFrontDistributionOriginGroups?
        /// A complex type that contains information about origins for this distribution.
        public let origins: AwsCloudFrontDistributionOrigins?
        /// Indicates the current status of the distribution.
        public let status: String?
        /// A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.
        public let webAclId: String?

        public init(cacheBehaviors: AwsCloudFrontDistributionCacheBehaviors? = nil, defaultCacheBehavior: AwsCloudFrontDistributionDefaultCacheBehavior? = nil, defaultRootObject: String? = nil, domainName: String? = nil, eTag: String? = nil, lastModifiedTime: String? = nil, logging: AwsCloudFrontDistributionLogging? = nil, originGroups: AwsCloudFrontDistributionOriginGroups? = nil, origins: AwsCloudFrontDistributionOrigins? = nil, status: String? = nil, webAclId: String? = nil) {
            self.cacheBehaviors = cacheBehaviors
            self.defaultCacheBehavior = defaultCacheBehavior
            self.defaultRootObject = defaultRootObject
            self.domainName = domainName
            self.eTag = eTag
            self.lastModifiedTime = lastModifiedTime
            self.logging = logging
            self.originGroups = originGroups
            self.origins = origins
            self.status = status
            self.webAclId = webAclId
        }

        public func validate(name: String) throws {
            try self.cacheBehaviors?.validate(name: "\(name).cacheBehaviors")
            try self.defaultCacheBehavior?.validate(name: "\(name).defaultCacheBehavior")
            try self.validate(self.defaultRootObject, name: "defaultRootObject", parent: name, pattern: ".*\\S.*")
            try self.validate(self.domainName, name: "domainName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.eTag, name: "eTag", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastModifiedTime, name: "lastModifiedTime", parent: name, pattern: ".*\\S.*")
            try self.logging?.validate(name: "\(name).logging")
            try self.origins?.validate(name: "\(name).origins")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.webAclId, name: "webAclId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cacheBehaviors = "CacheBehaviors"
            case defaultCacheBehavior = "DefaultCacheBehavior"
            case defaultRootObject = "DefaultRootObject"
            case domainName = "DomainName"
            case eTag = "ETag"
            case lastModifiedTime = "LastModifiedTime"
            case logging = "Logging"
            case originGroups = "OriginGroups"
            case origins = "Origins"
            case status = "Status"
            case webAclId = "WebAclId"
        }
    }

    public struct AwsCloudFrontDistributionLogging: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon S3 bucket to store the access logs in.
        public let bucket: String?
        /// With this field, you can enable or disable the selected distribution.
        public let enabled: Bool?
        /// Specifies whether you want CloudFront to include cookies in access logs.
        public let includeCookies: Bool?
        /// An optional string that you want CloudFront to use as a prefix to the access log filenames for this distribution.
        public let prefix: String?

        public init(bucket: String? = nil, enabled: Bool? = nil, includeCookies: Bool? = nil, prefix: String? = nil) {
            self.bucket = bucket
            self.enabled = enabled
            self.includeCookies = includeCookies
            self.prefix = prefix
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, pattern: ".*\\S.*")
            try self.validate(self.prefix, name: "prefix", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case enabled = "Enabled"
            case includeCookies = "IncludeCookies"
            case prefix = "Prefix"
        }
    }

    public struct AwsCloudFrontDistributionOriginGroup: AWSEncodableShape & AWSDecodableShape {
        /// Provides the criteria for an origin group to fail over.
        public let failoverCriteria: AwsCloudFrontDistributionOriginGroupFailover?

        public init(failoverCriteria: AwsCloudFrontDistributionOriginGroupFailover? = nil) {
            self.failoverCriteria = failoverCriteria
        }

        private enum CodingKeys: String, CodingKey {
            case failoverCriteria = "FailoverCriteria"
        }
    }

    public struct AwsCloudFrontDistributionOriginGroupFailover: AWSEncodableShape & AWSDecodableShape {
        /// Information about the status codes that cause an origin group to fail over.
        public let statusCodes: AwsCloudFrontDistributionOriginGroupFailoverStatusCodes?

        public init(statusCodes: AwsCloudFrontDistributionOriginGroupFailoverStatusCodes? = nil) {
            self.statusCodes = statusCodes
        }

        private enum CodingKeys: String, CodingKey {
            case statusCodes = "StatusCodes"
        }
    }

    public struct AwsCloudFrontDistributionOriginGroupFailoverStatusCodes: AWSEncodableShape & AWSDecodableShape {
        /// The list of status code values that can cause a failover to the next origin.
        public let items: [Int]?
        /// The number of status codes that can cause a failover.
        public let quantity: Int?

        public init(items: [Int]? = nil, quantity: Int? = nil) {
            self.items = items
            self.quantity = quantity
        }

        private enum CodingKeys: String, CodingKey {
            case items = "Items"
            case quantity = "Quantity"
        }
    }

    public struct AwsCloudFrontDistributionOriginGroups: AWSEncodableShape & AWSDecodableShape {
        /// The list of origin groups.
        public let items: [AwsCloudFrontDistributionOriginGroup]?

        public init(items: [AwsCloudFrontDistributionOriginGroup]? = nil) {
            self.items = items
        }

        private enum CodingKeys: String, CodingKey {
            case items = "Items"
        }
    }

    public struct AwsCloudFrontDistributionOriginItem: AWSEncodableShape & AWSDecodableShape {
        /// Amazon S3 origins: The DNS name of the Amazon S3 bucket from which you want CloudFront to get objects for this origin.
        public let domainName: String?
        /// A unique identifier for the origin or origin group.
        public let id: String?
        /// An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
        public let originPath: String?
        /// An origin that is an S3 bucket that is not configured with static website hosting.
        public let s3OriginConfig: AwsCloudFrontDistributionOriginS3OriginConfig?

        public init(domainName: String? = nil, id: String? = nil, originPath: String? = nil, s3OriginConfig: AwsCloudFrontDistributionOriginS3OriginConfig? = nil) {
            self.domainName = domainName
            self.id = id
            self.originPath = originPath
            self.s3OriginConfig = s3OriginConfig
        }

        public func validate(name: String) throws {
            try self.validate(self.domainName, name: "domainName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.originPath, name: "originPath", parent: name, pattern: ".*\\S.*")
            try self.s3OriginConfig?.validate(name: "\(name).s3OriginConfig")
        }

        private enum CodingKeys: String, CodingKey {
            case domainName = "DomainName"
            case id = "Id"
            case originPath = "OriginPath"
            case s3OriginConfig = "S3OriginConfig"
        }
    }

    public struct AwsCloudFrontDistributionOriginS3OriginConfig: AWSEncodableShape & AWSDecodableShape {
        /// The CloudFront origin access identity to associate with the origin.
        public let originAccessIdentity: String?

        public init(originAccessIdentity: String? = nil) {
            self.originAccessIdentity = originAccessIdentity
        }

        public func validate(name: String) throws {
            try self.validate(self.originAccessIdentity, name: "originAccessIdentity", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case originAccessIdentity = "OriginAccessIdentity"
        }
    }

    public struct AwsCloudFrontDistributionOrigins: AWSEncodableShape & AWSDecodableShape {
        /// A complex type that contains origins or origin groups for this distribution.
        public let items: [AwsCloudFrontDistributionOriginItem]?

        public init(items: [AwsCloudFrontDistributionOriginItem]? = nil) {
            self.items = items
        }

        public func validate(name: String) throws {
            try self.items?.forEach {
                try $0.validate(name: "\(name).items[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case items = "Items"
        }
    }

    public struct AwsCloudTrailTrailDetails: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the log group that CloudTrail logs are delivered to.
        public let cloudWatchLogsLogGroupArn: String?
        /// The ARN of the role that the CloudWatch Logs endpoint assumes when it writes to the log group.
        public let cloudWatchLogsRoleArn: String?
        /// Indicates whether the trail has custom event selectors.
        public let hasCustomEventSelectors: Bool?
        /// The Region where the trail was created.
        public let homeRegion: String?
        /// Indicates whether the trail publishes events from global services such as IAM to the log files.
        public let includeGlobalServiceEvents: Bool?
        /// Indicates whether the trail applies only to the current Region or to all Regions.
        public let isMultiRegionTrail: Bool?
        /// Whether the trail is created for all accounts in an organization in AWS Organizations, or only for the current AWS account.
        public let isOrganizationTrail: Bool?
        /// The AWS KMS key ID to use to encrypt the logs.
        public let kmsKeyId: String?
        /// Indicates whether CloudTrail log file validation is enabled.
        public let logFileValidationEnabled: Bool?
        /// The name of the trail.
        public let name: String?
        /// The name of the S3 bucket where the log files are published.
        public let s3BucketName: String?
        /// The S3 key prefix. The key prefix is added after the name of the S3 bucket where the log files are published.
        public let s3KeyPrefix: String?
        /// The ARN of the SNS topic that is used for notifications of log file delivery.
        public let snsTopicArn: String?
        /// The name of the SNS topic that is used for notifications of log file delivery.
        public let snsTopicName: String?
        /// The ARN of the trail.
        public let trailArn: String?

        public init(cloudWatchLogsLogGroupArn: String? = nil, cloudWatchLogsRoleArn: String? = nil, hasCustomEventSelectors: Bool? = nil, homeRegion: String? = nil, includeGlobalServiceEvents: Bool? = nil, isMultiRegionTrail: Bool? = nil, isOrganizationTrail: Bool? = nil, kmsKeyId: String? = nil, logFileValidationEnabled: Bool? = nil, name: String? = nil, s3BucketName: String? = nil, s3KeyPrefix: String? = nil, snsTopicArn: String? = nil, snsTopicName: String? = nil, trailArn: String? = nil) {
            self.cloudWatchLogsLogGroupArn = cloudWatchLogsLogGroupArn
            self.cloudWatchLogsRoleArn = cloudWatchLogsRoleArn
            self.hasCustomEventSelectors = hasCustomEventSelectors
            self.homeRegion = homeRegion
            self.includeGlobalServiceEvents = includeGlobalServiceEvents
            self.isMultiRegionTrail = isMultiRegionTrail
            self.isOrganizationTrail = isOrganizationTrail
            self.kmsKeyId = kmsKeyId
            self.logFileValidationEnabled = logFileValidationEnabled
            self.name = name
            self.s3BucketName = s3BucketName
            self.s3KeyPrefix = s3KeyPrefix
            self.snsTopicArn = snsTopicArn
            self.snsTopicName = snsTopicName
            self.trailArn = trailArn
        }

        public func validate(name: String) throws {
            try self.validate(self.cloudWatchLogsLogGroupArn, name: "cloudWatchLogsLogGroupArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.cloudWatchLogsRoleArn, name: "cloudWatchLogsRoleArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.homeRegion, name: "homeRegion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.s3BucketName, name: "s3BucketName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.s3KeyPrefix, name: "s3KeyPrefix", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snsTopicArn, name: "snsTopicArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snsTopicName, name: "snsTopicName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.trailArn, name: "trailArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cloudWatchLogsLogGroupArn = "CloudWatchLogsLogGroupArn"
            case cloudWatchLogsRoleArn = "CloudWatchLogsRoleArn"
            case hasCustomEventSelectors = "HasCustomEventSelectors"
            case homeRegion = "HomeRegion"
            case includeGlobalServiceEvents = "IncludeGlobalServiceEvents"
            case isMultiRegionTrail = "IsMultiRegionTrail"
            case isOrganizationTrail = "IsOrganizationTrail"
            case kmsKeyId = "KmsKeyId"
            case logFileValidationEnabled = "LogFileValidationEnabled"
            case name = "Name"
            case s3BucketName = "S3BucketName"
            case s3KeyPrefix = "S3KeyPrefix"
            case snsTopicArn = "SnsTopicArn"
            case snsTopicName = "SnsTopicName"
            case trailArn = "TrailArn"
        }
    }

    public struct AwsCodeBuildProjectDetails: AWSEncodableShape & AWSDecodableShape {
        /// The AWS Key Management Service (AWS KMS) customer master key (CMK) used to encrypt the build output artifacts. You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK alias (using the format alias/alias-name).
        public let encryptionKey: String?
        /// Information about the build environment for this build project.
        public let environment: AwsCodeBuildProjectEnvironment?
        /// The name of the build project.
        public let name: String?
        /// The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.
        public let serviceRole: String?
        /// Information about the build input source code for this build project.
        public let source: AwsCodeBuildProjectSource?
        /// Information about the VPC configuration that AWS CodeBuild accesses.
        public let vpcConfig: AwsCodeBuildProjectVpcConfig?

        public init(encryptionKey: String? = nil, environment: AwsCodeBuildProjectEnvironment? = nil, name: String? = nil, serviceRole: String? = nil, source: AwsCodeBuildProjectSource? = nil, vpcConfig: AwsCodeBuildProjectVpcConfig? = nil) {
            self.encryptionKey = encryptionKey
            self.environment = environment
            self.name = name
            self.serviceRole = serviceRole
            self.source = source
            self.vpcConfig = vpcConfig
        }

        public func validate(name: String) throws {
            try self.validate(self.encryptionKey, name: "encryptionKey", parent: name, pattern: ".*\\S.*")
            try self.environment?.validate(name: "\(name).environment")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.serviceRole, name: "serviceRole", parent: name, pattern: ".*\\S.*")
            try self.source?.validate(name: "\(name).source")
            try self.vpcConfig?.validate(name: "\(name).vpcConfig")
        }

        private enum CodingKeys: String, CodingKey {
            case encryptionKey = "EncryptionKey"
            case environment = "Environment"
            case name = "Name"
            case serviceRole = "ServiceRole"
            case source = "Source"
            case vpcConfig = "VpcConfig"
        }
    }

    public struct AwsCodeBuildProjectEnvironment: AWSEncodableShape & AWSDecodableShape {
        /// The certificate to use with this build project.
        public let certificate: String?
        /// The type of credentials AWS CodeBuild uses to pull images in your build. Valid values:    CODEBUILD specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust the AWS CodeBuild service principal.    SERVICE_ROLE specifies that AWS CodeBuild uses your build project's service role.   When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.
        public let imagePullCredentialsType: String?
        /// The credentials for access to a private registry.
        public let registryCredential: AwsCodeBuildProjectEnvironmentRegistryCredential?
        /// The type of build environment to use for related builds. The environment type ARM_CONTAINER is available only in Regions US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and Europe (Frankfurt). The environment type LINUX_CONTAINER with compute type build.general1.2xlarge is available only in Regions US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada (Central), Europe (Ireland), Europe (London), Europe (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). The environment type LINUX_GPU_CONTAINER is available only in Regions US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada (Central), Europe (Ireland), Europe (London), Europe (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). Valid values: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER
        public let type: String?

        public init(certificate: String? = nil, imagePullCredentialsType: String? = nil, registryCredential: AwsCodeBuildProjectEnvironmentRegistryCredential? = nil, type: String? = nil) {
            self.certificate = certificate
            self.imagePullCredentialsType = imagePullCredentialsType
            self.registryCredential = registryCredential
            self.type = type
        }

        public func validate(name: String) throws {
            try self.validate(self.certificate, name: "certificate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.imagePullCredentialsType, name: "imagePullCredentialsType", parent: name, pattern: ".*\\S.*")
            try self.registryCredential?.validate(name: "\(name).registryCredential")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case certificate = "Certificate"
            case imagePullCredentialsType = "ImagePullCredentialsType"
            case registryCredential = "RegistryCredential"
            case type = "Type"
        }
    }

    public struct AwsCodeBuildProjectEnvironmentRegistryCredential: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager.  The credential can use the name of the credentials only if they exist in your current AWS Region.
        public let credential: String?
        /// The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager.
        public let credentialProvider: String?

        public init(credential: String? = nil, credentialProvider: String? = nil) {
            self.credential = credential
            self.credentialProvider = credentialProvider
        }

        public func validate(name: String) throws {
            try self.validate(self.credential, name: "credential", parent: name, pattern: ".*\\S.*")
            try self.validate(self.credentialProvider, name: "credentialProvider", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case credential = "Credential"
            case credentialProvider = "CredentialProvider"
        }
    }

    public struct AwsCodeBuildProjectSource: AWSEncodableShape & AWSDecodableShape {
        /// Information about the Git clone depth for the build project.
        public let gitCloneDepth: Int?
        /// Whether to ignore SSL warnings while connecting to the project source code.
        public let insecureSsl: Bool?
        /// Information about the location of the source code to be built. Valid values include:   For source code settings that are specified in the source action of a pipeline in AWS CodePipeline, location should not be specified. If it is specified, AWS CodePipeline ignores it. This is because AWS CodePipeline uses the settings in a pipeline's source action instead of this value.   For source code in an AWS CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the build spec file (for example, https://git-codecommit.region-ID.amazonaws.com/v1/repos/repo-name ).   For source code in an S3 input bucket, one of the following.   The path to the ZIP file that contains the source code (for example, bucket-name/path/to/object-name.zip).    The path to the folder that contains the source code (for example, bucket-name/path/to/source-code/folder/).     For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the build spec file.   For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the build spec file.
        public let location: String?
        /// The type of repository that contains the source code to be built. Valid values are:    BITBUCKET - The source code is in a Bitbucket repository.    CODECOMMIT - The source code is in an AWS CodeCommit repository.    CODEPIPELINE - The source code settings are specified in the source action of a pipeline in AWS CodePipeline.    GITHUB - The source code is in a GitHub repository.    GITHUB_ENTERPRISE - The source code is in a GitHub Enterprise repository.    NO_SOURCE - The project does not have input source code.    S3 - The source code is in an S3 input bucket.
        public let type: String?

        public init(gitCloneDepth: Int? = nil, insecureSsl: Bool? = nil, location: String? = nil, type: String? = nil) {
            self.gitCloneDepth = gitCloneDepth
            self.insecureSsl = insecureSsl
            self.location = location
            self.type = type
        }

        public func validate(name: String) throws {
            try self.validate(self.location, name: "location", parent: name, pattern: ".*\\S.*")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case gitCloneDepth = "GitCloneDepth"
            case insecureSsl = "InsecureSsl"
            case location = "Location"
            case type = "Type"
        }
    }

    public struct AwsCodeBuildProjectVpcConfig: AWSEncodableShape & AWSDecodableShape {
        /// A list of one or more security group IDs in your Amazon VPC.
        public let securityGroupIds: [String]?
        /// A list of one or more subnet IDs in your Amazon VPC.
        public let subnets: [String]?
        /// The ID of the VPC.
        public let vpcId: String?

        public init(securityGroupIds: [String]? = nil, subnets: [String]? = nil, vpcId: String? = nil) {
            self.securityGroupIds = securityGroupIds
            self.subnets = subnets
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.securityGroupIds?.forEach {
                try validate($0, name: "securityGroupIds[]", parent: name, pattern: ".*\\S.*")
            }
            try self.subnets?.forEach {
                try validate($0, name: "subnets[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case securityGroupIds = "SecurityGroupIds"
            case subnets = "Subnets"
            case vpcId = "VpcId"
        }
    }

    public struct AwsCorsConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether the CORS request includes credentials.
        public let allowCredentials: Bool?
        /// The allowed headers for CORS requests.
        public let allowHeaders: [String]?
        /// The allowed methods for CORS requests.
        public let allowMethods: [String]?
        /// The allowed origins for CORS requests.
        public let allowOrigins: [String]?
        /// The exposed headers for CORS requests.
        public let exposeHeaders: [String]?
        /// The number of seconds for which the browser caches preflight request results.
        public let maxAge: Int?

        public init(allowCredentials: Bool? = nil, allowHeaders: [String]? = nil, allowMethods: [String]? = nil, allowOrigins: [String]? = nil, exposeHeaders: [String]? = nil, maxAge: Int? = nil) {
            self.allowCredentials = allowCredentials
            self.allowHeaders = allowHeaders
            self.allowMethods = allowMethods
            self.allowOrigins = allowOrigins
            self.exposeHeaders = exposeHeaders
            self.maxAge = maxAge
        }

        public func validate(name: String) throws {
            try self.allowHeaders?.forEach {
                try validate($0, name: "allowHeaders[]", parent: name, pattern: ".*\\S.*")
            }
            try self.allowMethods?.forEach {
                try validate($0, name: "allowMethods[]", parent: name, pattern: ".*\\S.*")
            }
            try self.allowOrigins?.forEach {
                try validate($0, name: "allowOrigins[]", parent: name, pattern: ".*\\S.*")
            }
            try self.exposeHeaders?.forEach {
                try validate($0, name: "exposeHeaders[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case allowCredentials = "AllowCredentials"
            case allowHeaders = "AllowHeaders"
            case allowMethods = "AllowMethods"
            case allowOrigins = "AllowOrigins"
            case exposeHeaders = "ExposeHeaders"
            case maxAge = "MaxAge"
        }
    }

    public struct AwsDynamoDbTableAttributeDefinition: AWSEncodableShape & AWSDecodableShape {
        /// The name of the attribute.
        public let attributeName: String?
        /// The type of the attribute.
        public let attributeType: String?

        public init(attributeName: String? = nil, attributeType: String? = nil) {
            self.attributeName = attributeName
            self.attributeType = attributeType
        }

        public func validate(name: String) throws {
            try self.validate(self.attributeName, name: "attributeName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.attributeType, name: "attributeType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attributeName = "AttributeName"
            case attributeType = "AttributeType"
        }
    }

    public struct AwsDynamoDbTableBillingModeSummary: AWSEncodableShape & AWSDecodableShape {
        /// The method used to charge for read and write throughput and to manage capacity.
        public let billingMode: String?
        /// If the billing mode is PAY_PER_REQUEST, indicates when the billing mode was set to that value. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastUpdateToPayPerRequestDateTime: String?

        public init(billingMode: String? = nil, lastUpdateToPayPerRequestDateTime: String? = nil) {
            self.billingMode = billingMode
            self.lastUpdateToPayPerRequestDateTime = lastUpdateToPayPerRequestDateTime
        }

        public func validate(name: String) throws {
            try self.validate(self.billingMode, name: "billingMode", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastUpdateToPayPerRequestDateTime, name: "lastUpdateToPayPerRequestDateTime", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case billingMode = "BillingMode"
            case lastUpdateToPayPerRequestDateTime = "LastUpdateToPayPerRequestDateTime"
        }
    }

    public struct AwsDynamoDbTableDetails: AWSEncodableShape & AWSDecodableShape {
        /// A list of attribute definitions for the table.
        public let attributeDefinitions: [AwsDynamoDbTableAttributeDefinition]?
        /// Information about the billing for read/write capacity on the table.
        public let billingModeSummary: AwsDynamoDbTableBillingModeSummary?
        /// Indicates when the table was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let creationDateTime: String?
        /// List of global secondary indexes for the table.
        public let globalSecondaryIndexes: [AwsDynamoDbTableGlobalSecondaryIndex]?
        /// The version of global tables being used.
        public let globalTableVersion: String?
        /// The number of items in the table.
        public let itemCount: Int?
        /// The primary key structure for the table.
        public let keySchema: [AwsDynamoDbTableKeySchema]?
        /// The ARN of the latest stream for the table.
        public let latestStreamArn: String?
        /// The label of the latest stream. The label is not a unique identifier.
        public let latestStreamLabel: String?
        /// The list of local secondary indexes for the table.
        public let localSecondaryIndexes: [AwsDynamoDbTableLocalSecondaryIndex]?
        /// Information about the provisioned throughput for the table.
        public let provisionedThroughput: AwsDynamoDbTableProvisionedThroughput?
        /// The list of replicas of this table.
        public let replicas: [AwsDynamoDbTableReplica]?
        /// Information about the restore for the table.
        public let restoreSummary: AwsDynamoDbTableRestoreSummary?
        /// Information about the server-side encryption for the table.
        public let sseDescription: AwsDynamoDbTableSseDescription?
        /// The current DynamoDB Streams configuration for the table.
        public let streamSpecification: AwsDynamoDbTableStreamSpecification?
        /// The identifier of the table.
        public let tableId: String?
        /// The name of the table.
        public let tableName: String?
        /// The total size of the table in bytes.
        public let tableSizeBytes: Int64?
        /// The current status of the table.
        public let tableStatus: String?

        public init(attributeDefinitions: [AwsDynamoDbTableAttributeDefinition]? = nil, billingModeSummary: AwsDynamoDbTableBillingModeSummary? = nil, creationDateTime: String? = nil, globalSecondaryIndexes: [AwsDynamoDbTableGlobalSecondaryIndex]? = nil, globalTableVersion: String? = nil, itemCount: Int? = nil, keySchema: [AwsDynamoDbTableKeySchema]? = nil, latestStreamArn: String? = nil, latestStreamLabel: String? = nil, localSecondaryIndexes: [AwsDynamoDbTableLocalSecondaryIndex]? = nil, provisionedThroughput: AwsDynamoDbTableProvisionedThroughput? = nil, replicas: [AwsDynamoDbTableReplica]? = nil, restoreSummary: AwsDynamoDbTableRestoreSummary? = nil, sseDescription: AwsDynamoDbTableSseDescription? = nil, streamSpecification: AwsDynamoDbTableStreamSpecification? = nil, tableId: String? = nil, tableName: String? = nil, tableSizeBytes: Int64? = nil, tableStatus: String? = nil) {
            self.attributeDefinitions = attributeDefinitions
            self.billingModeSummary = billingModeSummary
            self.creationDateTime = creationDateTime
            self.globalSecondaryIndexes = globalSecondaryIndexes
            self.globalTableVersion = globalTableVersion
            self.itemCount = itemCount
            self.keySchema = keySchema
            self.latestStreamArn = latestStreamArn
            self.latestStreamLabel = latestStreamLabel
            self.localSecondaryIndexes = localSecondaryIndexes
            self.provisionedThroughput = provisionedThroughput
            self.replicas = replicas
            self.restoreSummary = restoreSummary
            self.sseDescription = sseDescription
            self.streamSpecification = streamSpecification
            self.tableId = tableId
            self.tableName = tableName
            self.tableSizeBytes = tableSizeBytes
            self.tableStatus = tableStatus
        }

        public func validate(name: String) throws {
            try self.attributeDefinitions?.forEach {
                try $0.validate(name: "\(name).attributeDefinitions[]")
            }
            try self.billingModeSummary?.validate(name: "\(name).billingModeSummary")
            try self.validate(self.creationDateTime, name: "creationDateTime", parent: name, pattern: ".*\\S.*")
            try self.globalSecondaryIndexes?.forEach {
                try $0.validate(name: "\(name).globalSecondaryIndexes[]")
            }
            try self.validate(self.globalTableVersion, name: "globalTableVersion", parent: name, pattern: ".*\\S.*")
            try self.keySchema?.forEach {
                try $0.validate(name: "\(name).keySchema[]")
            }
            try self.validate(self.latestStreamArn, name: "latestStreamArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.latestStreamLabel, name: "latestStreamLabel", parent: name, pattern: ".*\\S.*")
            try self.localSecondaryIndexes?.forEach {
                try $0.validate(name: "\(name).localSecondaryIndexes[]")
            }
            try self.provisionedThroughput?.validate(name: "\(name).provisionedThroughput")
            try self.replicas?.forEach {
                try $0.validate(name: "\(name).replicas[]")
            }
            try self.restoreSummary?.validate(name: "\(name).restoreSummary")
            try self.sseDescription?.validate(name: "\(name).sseDescription")
            try self.streamSpecification?.validate(name: "\(name).streamSpecification")
            try self.validate(self.tableId, name: "tableId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.tableName, name: "tableName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.tableStatus, name: "tableStatus", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attributeDefinitions = "AttributeDefinitions"
            case billingModeSummary = "BillingModeSummary"
            case creationDateTime = "CreationDateTime"
            case globalSecondaryIndexes = "GlobalSecondaryIndexes"
            case globalTableVersion = "GlobalTableVersion"
            case itemCount = "ItemCount"
            case keySchema = "KeySchema"
            case latestStreamArn = "LatestStreamArn"
            case latestStreamLabel = "LatestStreamLabel"
            case localSecondaryIndexes = "LocalSecondaryIndexes"
            case provisionedThroughput = "ProvisionedThroughput"
            case replicas = "Replicas"
            case restoreSummary = "RestoreSummary"
            case sseDescription = "SseDescription"
            case streamSpecification = "StreamSpecification"
            case tableId = "TableId"
            case tableName = "TableName"
            case tableSizeBytes = "TableSizeBytes"
            case tableStatus = "TableStatus"
        }
    }

    public struct AwsDynamoDbTableGlobalSecondaryIndex: AWSEncodableShape & AWSDecodableShape {
        /// Whether the index is currently backfilling.
        public let backfilling: Bool?
        /// The ARN of the index.
        public let indexArn: String?
        /// The name of the index.
        public let indexName: String?
        /// The total size in bytes of the index.
        public let indexSizeBytes: Int64?
        /// The current status of the index.
        public let indexStatus: String?
        /// The number of items in the index.
        public let itemCount: Int?
        /// The key schema for the index.
        public let keySchema: [AwsDynamoDbTableKeySchema]?
        /// Attributes that are copied from the table into an index.
        public let projection: AwsDynamoDbTableProjection?
        /// Information about the provisioned throughput settings for the indexes.
        public let provisionedThroughput: AwsDynamoDbTableProvisionedThroughput?

        public init(backfilling: Bool? = nil, indexArn: String? = nil, indexName: String? = nil, indexSizeBytes: Int64? = nil, indexStatus: String? = nil, itemCount: Int? = nil, keySchema: [AwsDynamoDbTableKeySchema]? = nil, projection: AwsDynamoDbTableProjection? = nil, provisionedThroughput: AwsDynamoDbTableProvisionedThroughput? = nil) {
            self.backfilling = backfilling
            self.indexArn = indexArn
            self.indexName = indexName
            self.indexSizeBytes = indexSizeBytes
            self.indexStatus = indexStatus
            self.itemCount = itemCount
            self.keySchema = keySchema
            self.projection = projection
            self.provisionedThroughput = provisionedThroughput
        }

        public func validate(name: String) throws {
            try self.validate(self.indexArn, name: "indexArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.indexName, name: "indexName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.indexStatus, name: "indexStatus", parent: name, pattern: ".*\\S.*")
            try self.keySchema?.forEach {
                try $0.validate(name: "\(name).keySchema[]")
            }
            try self.projection?.validate(name: "\(name).projection")
            try self.provisionedThroughput?.validate(name: "\(name).provisionedThroughput")
        }

        private enum CodingKeys: String, CodingKey {
            case backfilling = "Backfilling"
            case indexArn = "IndexArn"
            case indexName = "IndexName"
            case indexSizeBytes = "IndexSizeBytes"
            case indexStatus = "IndexStatus"
            case itemCount = "ItemCount"
            case keySchema = "KeySchema"
            case projection = "Projection"
            case provisionedThroughput = "ProvisionedThroughput"
        }
    }

    public struct AwsDynamoDbTableKeySchema: AWSEncodableShape & AWSDecodableShape {
        /// The name of the key schema attribute.
        public let attributeName: String?
        /// The type of key used for the key schema attribute.
        public let keyType: String?

        public init(attributeName: String? = nil, keyType: String? = nil) {
            self.attributeName = attributeName
            self.keyType = keyType
        }

        public func validate(name: String) throws {
            try self.validate(self.attributeName, name: "attributeName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.keyType, name: "keyType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attributeName = "AttributeName"
            case keyType = "KeyType"
        }
    }

    public struct AwsDynamoDbTableLocalSecondaryIndex: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the index.
        public let indexArn: String?
        /// The name of the index.
        public let indexName: String?
        /// The complete key schema for the index.
        public let keySchema: [AwsDynamoDbTableKeySchema]?
        /// Attributes that are copied from the table into the index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.
        public let projection: AwsDynamoDbTableProjection?

        public init(indexArn: String? = nil, indexName: String? = nil, keySchema: [AwsDynamoDbTableKeySchema]? = nil, projection: AwsDynamoDbTableProjection? = nil) {
            self.indexArn = indexArn
            self.indexName = indexName
            self.keySchema = keySchema
            self.projection = projection
        }

        public func validate(name: String) throws {
            try self.validate(self.indexArn, name: "indexArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.indexName, name: "indexName", parent: name, pattern: ".*\\S.*")
            try self.keySchema?.forEach {
                try $0.validate(name: "\(name).keySchema[]")
            }
            try self.projection?.validate(name: "\(name).projection")
        }

        private enum CodingKeys: String, CodingKey {
            case indexArn = "IndexArn"
            case indexName = "IndexName"
            case keySchema = "KeySchema"
            case projection = "Projection"
        }
    }

    public struct AwsDynamoDbTableProjection: AWSEncodableShape & AWSDecodableShape {
        /// The nonkey attributes that are projected into the index. For each attribute, provide the attribute name.
        public let nonKeyAttributes: [String]?
        /// The types of attributes that are projected into the index.
        public let projectionType: String?

        public init(nonKeyAttributes: [String]? = nil, projectionType: String? = nil) {
            self.nonKeyAttributes = nonKeyAttributes
            self.projectionType = projectionType
        }

        public func validate(name: String) throws {
            try self.nonKeyAttributes?.forEach {
                try validate($0, name: "nonKeyAttributes[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.projectionType, name: "projectionType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case nonKeyAttributes = "NonKeyAttributes"
            case projectionType = "ProjectionType"
        }
    }

    public struct AwsDynamoDbTableProvisionedThroughput: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when the provisioned throughput was last decreased. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastDecreaseDateTime: String?
        /// Indicates when the provisioned throughput was last increased. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastIncreaseDateTime: String?
        /// The number of times during the current UTC calendar day that the provisioned throughput was decreased.
        public let numberOfDecreasesToday: Int?
        /// The maximum number of strongly consistent reads consumed per second before DynamoDB returns a ThrottlingException.
        public let readCapacityUnits: Int?
        /// The maximum number of writes consumed per second before DynamoDB returns a ThrottlingException.
        public let writeCapacityUnits: Int?

        public init(lastDecreaseDateTime: String? = nil, lastIncreaseDateTime: String? = nil, numberOfDecreasesToday: Int? = nil, readCapacityUnits: Int? = nil, writeCapacityUnits: Int? = nil) {
            self.lastDecreaseDateTime = lastDecreaseDateTime
            self.lastIncreaseDateTime = lastIncreaseDateTime
            self.numberOfDecreasesToday = numberOfDecreasesToday
            self.readCapacityUnits = readCapacityUnits
            self.writeCapacityUnits = writeCapacityUnits
        }

        public func validate(name: String) throws {
            try self.validate(self.lastDecreaseDateTime, name: "lastDecreaseDateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastIncreaseDateTime, name: "lastIncreaseDateTime", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case lastDecreaseDateTime = "LastDecreaseDateTime"
            case lastIncreaseDateTime = "LastIncreaseDateTime"
            case numberOfDecreasesToday = "NumberOfDecreasesToday"
            case readCapacityUnits = "ReadCapacityUnits"
            case writeCapacityUnits = "WriteCapacityUnits"
        }
    }

    public struct AwsDynamoDbTableProvisionedThroughputOverride: AWSEncodableShape & AWSDecodableShape {
        /// The read capacity units for the replica.
        public let readCapacityUnits: Int?

        public init(readCapacityUnits: Int? = nil) {
            self.readCapacityUnits = readCapacityUnits
        }

        private enum CodingKeys: String, CodingKey {
            case readCapacityUnits = "ReadCapacityUnits"
        }
    }

    public struct AwsDynamoDbTableReplica: AWSEncodableShape & AWSDecodableShape {
        /// List of global secondary indexes for the replica.
        public let globalSecondaryIndexes: [AwsDynamoDbTableReplicaGlobalSecondaryIndex]?
        /// The identifier of the AWS KMS customer master key (CMK) that will be used for AWS KMS encryption for the replica.
        public let kmsMasterKeyId: String?
        /// Replica-specific configuration for the provisioned throughput.
        public let provisionedThroughputOverride: AwsDynamoDbTableProvisionedThroughputOverride?
        /// The name of the Region where the replica is located.
        public let regionName: String?
        /// The current status of the replica.
        public let replicaStatus: String?
        /// Detailed information about the replica status.
        public let replicaStatusDescription: String?

        public init(globalSecondaryIndexes: [AwsDynamoDbTableReplicaGlobalSecondaryIndex]? = nil, kmsMasterKeyId: String? = nil, provisionedThroughputOverride: AwsDynamoDbTableProvisionedThroughputOverride? = nil, regionName: String? = nil, replicaStatus: String? = nil, replicaStatusDescription: String? = nil) {
            self.globalSecondaryIndexes = globalSecondaryIndexes
            self.kmsMasterKeyId = kmsMasterKeyId
            self.provisionedThroughputOverride = provisionedThroughputOverride
            self.regionName = regionName
            self.replicaStatus = replicaStatus
            self.replicaStatusDescription = replicaStatusDescription
        }

        public func validate(name: String) throws {
            try self.globalSecondaryIndexes?.forEach {
                try $0.validate(name: "\(name).globalSecondaryIndexes[]")
            }
            try self.validate(self.kmsMasterKeyId, name: "kmsMasterKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.regionName, name: "regionName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.replicaStatus, name: "replicaStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.replicaStatusDescription, name: "replicaStatusDescription", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case globalSecondaryIndexes = "GlobalSecondaryIndexes"
            case kmsMasterKeyId = "KmsMasterKeyId"
            case provisionedThroughputOverride = "ProvisionedThroughputOverride"
            case regionName = "RegionName"
            case replicaStatus = "ReplicaStatus"
            case replicaStatusDescription = "ReplicaStatusDescription"
        }
    }

    public struct AwsDynamoDbTableReplicaGlobalSecondaryIndex: AWSEncodableShape & AWSDecodableShape {
        /// The name of the index.
        public let indexName: String?
        /// Replica-specific configuration for the provisioned throughput for the index.
        public let provisionedThroughputOverride: AwsDynamoDbTableProvisionedThroughputOverride?

        public init(indexName: String? = nil, provisionedThroughputOverride: AwsDynamoDbTableProvisionedThroughputOverride? = nil) {
            self.indexName = indexName
            self.provisionedThroughputOverride = provisionedThroughputOverride
        }

        public func validate(name: String) throws {
            try self.validate(self.indexName, name: "indexName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case indexName = "IndexName"
            case provisionedThroughputOverride = "ProvisionedThroughputOverride"
        }
    }

    public struct AwsDynamoDbTableRestoreSummary: AWSEncodableShape & AWSDecodableShape {
        /// Indicates the point in time that the table was restored to. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let restoreDateTime: String?
        /// Whether a restore is currently in progress.
        public let restoreInProgress: Bool?
        /// The ARN of the source backup from which the table was restored.
        public let sourceBackupArn: String?
        /// The ARN of the source table for the backup.
        public let sourceTableArn: String?

        public init(restoreDateTime: String? = nil, restoreInProgress: Bool? = nil, sourceBackupArn: String? = nil, sourceTableArn: String? = nil) {
            self.restoreDateTime = restoreDateTime
            self.restoreInProgress = restoreInProgress
            self.sourceBackupArn = sourceBackupArn
            self.sourceTableArn = sourceTableArn
        }

        public func validate(name: String) throws {
            try self.validate(self.restoreDateTime, name: "restoreDateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceBackupArn, name: "sourceBackupArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceTableArn, name: "sourceTableArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case restoreDateTime = "RestoreDateTime"
            case restoreInProgress = "RestoreInProgress"
            case sourceBackupArn = "SourceBackupArn"
            case sourceTableArn = "SourceTableArn"
        }
    }

    public struct AwsDynamoDbTableSseDescription: AWSEncodableShape & AWSDecodableShape {
        /// If the key is inaccessible, the date and time when DynamoDB detected that the key was inaccessible. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let inaccessibleEncryptionDateTime: String?
        /// The ARN of the AWS KMS customer master key (CMK) that is used for the AWS KMS encryption.
        public let kmsMasterKeyArn: String?
        /// The type of server-side encryption.
        public let sseType: String?
        /// The status of the server-side encryption.
        public let status: String?

        public init(inaccessibleEncryptionDateTime: String? = nil, kmsMasterKeyArn: String? = nil, sseType: String? = nil, status: String? = nil) {
            self.inaccessibleEncryptionDateTime = inaccessibleEncryptionDateTime
            self.kmsMasterKeyArn = kmsMasterKeyArn
            self.sseType = sseType
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.inaccessibleEncryptionDateTime, name: "inaccessibleEncryptionDateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsMasterKeyArn, name: "kmsMasterKeyArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sseType, name: "sseType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case inaccessibleEncryptionDateTime = "InaccessibleEncryptionDateTime"
            case kmsMasterKeyArn = "KmsMasterKeyArn"
            case sseType = "SseType"
            case status = "Status"
        }
    }

    public struct AwsDynamoDbTableStreamSpecification: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether DynamoDB Streams is enabled on the table.
        public let streamEnabled: Bool?
        /// Determines the information that is written to the table.
        public let streamViewType: String?

        public init(streamEnabled: Bool? = nil, streamViewType: String? = nil) {
            self.streamEnabled = streamEnabled
            self.streamViewType = streamViewType
        }

        public func validate(name: String) throws {
            try self.validate(self.streamViewType, name: "streamViewType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case streamEnabled = "StreamEnabled"
            case streamViewType = "StreamViewType"
        }
    }

    public struct AwsEc2EipDetails: AWSEncodableShape & AWSDecodableShape {
        /// The identifier that AWS assigns to represent the allocation of the Elastic IP address for use with Amazon VPC.
        public let allocationId: String?
        /// The identifier that represents the association of the Elastic IP address with an EC2 instance.
        public let associationId: String?
        /// The domain in which to allocate the address. If the address is for use with EC2 instances in a VPC, then Domain is vpc. Otherwise, Domain is standard.
        public let domain: String?
        /// The identifier of the EC2 instance.
        public let instanceId: String?
        /// The name of the location from which the Elastic IP address is advertised.
        public let networkBorderGroup: String?
        /// The identifier of the network interface.
        public let networkInterfaceId: String?
        /// The AWS account ID of the owner of the network interface.
        public let networkInterfaceOwnerId: String?
        /// The private IP address that is associated with the Elastic IP address.
        public let privateIpAddress: String?
        /// A public IP address that is associated with the EC2 instance.
        public let publicIp: String?
        /// The identifier of an IP address pool. This parameter allows Amazon EC2 to select an IP address from the address pool.
        public let publicIpv4Pool: String?

        public init(allocationId: String? = nil, associationId: String? = nil, domain: String? = nil, instanceId: String? = nil, networkBorderGroup: String? = nil, networkInterfaceId: String? = nil, networkInterfaceOwnerId: String? = nil, privateIpAddress: String? = nil, publicIp: String? = nil, publicIpv4Pool: String? = nil) {
            self.allocationId = allocationId
            self.associationId = associationId
            self.domain = domain
            self.instanceId = instanceId
            self.networkBorderGroup = networkBorderGroup
            self.networkInterfaceId = networkInterfaceId
            self.networkInterfaceOwnerId = networkInterfaceOwnerId
            self.privateIpAddress = privateIpAddress
            self.publicIp = publicIp
            self.publicIpv4Pool = publicIpv4Pool
        }

        public func validate(name: String) throws {
            try self.validate(self.allocationId, name: "allocationId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.associationId, name: "associationId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.domain, name: "domain", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceId, name: "instanceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.networkBorderGroup, name: "networkBorderGroup", parent: name, pattern: ".*\\S.*")
            try self.validate(self.networkInterfaceId, name: "networkInterfaceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.networkInterfaceOwnerId, name: "networkInterfaceOwnerId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.privateIpAddress, name: "privateIpAddress", parent: name, pattern: ".*\\S.*")
            try self.validate(self.publicIp, name: "publicIp", parent: name, pattern: ".*\\S.*")
            try self.validate(self.publicIpv4Pool, name: "publicIpv4Pool", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case allocationId = "AllocationId"
            case associationId = "AssociationId"
            case domain = "Domain"
            case instanceId = "InstanceId"
            case networkBorderGroup = "NetworkBorderGroup"
            case networkInterfaceId = "NetworkInterfaceId"
            case networkInterfaceOwnerId = "NetworkInterfaceOwnerId"
            case privateIpAddress = "PrivateIpAddress"
            case publicIp = "PublicIp"
            case publicIpv4Pool = "PublicIpv4Pool"
        }
    }

    public struct AwsEc2InstanceDetails: AWSEncodableShape & AWSDecodableShape {
        /// The IAM profile ARN of the instance.
        public let iamInstanceProfileArn: String?
        /// The Amazon Machine Image (AMI) ID of the instance.
        public let imageId: String?
        /// The IPv4 addresses associated with the instance.
        public let ipV4Addresses: [String]?
        /// The IPv6 addresses associated with the instance.
        public let ipV6Addresses: [String]?
        /// The key name associated with the instance.
        public let keyName: String?
        /// Indicates when the instance was launched. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let launchedAt: String?
        /// The identifier of the subnet that the instance was launched in.
        public let subnetId: String?
        /// The instance type of the instance.
        public let type: String?
        /// The identifier of the VPC that the instance was launched in.
        public let vpcId: String?

        public init(iamInstanceProfileArn: String? = nil, imageId: String? = nil, ipV4Addresses: [String]? = nil, ipV6Addresses: [String]? = nil, keyName: String? = nil, launchedAt: String? = nil, subnetId: String? = nil, type: String? = nil, vpcId: String? = nil) {
            self.iamInstanceProfileArn = iamInstanceProfileArn
            self.imageId = imageId
            self.ipV4Addresses = ipV4Addresses
            self.ipV6Addresses = ipV6Addresses
            self.keyName = keyName
            self.launchedAt = launchedAt
            self.subnetId = subnetId
            self.type = type
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.iamInstanceProfileArn, name: "iamInstanceProfileArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.imageId, name: "imageId", parent: name, pattern: ".*\\S.*")
            try self.ipV4Addresses?.forEach {
                try validate($0, name: "ipV4Addresses[]", parent: name, pattern: ".*\\S.*")
            }
            try self.ipV6Addresses?.forEach {
                try validate($0, name: "ipV6Addresses[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.keyName, name: "keyName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.launchedAt, name: "launchedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.subnetId, name: "subnetId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case iamInstanceProfileArn = "IamInstanceProfileArn"
            case imageId = "ImageId"
            case ipV4Addresses = "IpV4Addresses"
            case ipV6Addresses = "IpV6Addresses"
            case keyName = "KeyName"
            case launchedAt = "LaunchedAt"
            case subnetId = "SubnetId"
            case type = "Type"
            case vpcId = "VpcId"
        }
    }

    public struct AwsEc2NetworkInterfaceAttachment: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the network interface attachment
        public let attachmentId: String?
        /// Indicates when the attachment initiated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let attachTime: String?
        /// Indicates whether the network interface is deleted when the instance is terminated.
        public let deleteOnTermination: Bool?
        /// The device index of the network interface attachment on the instance.
        public let deviceIndex: Int?
        /// The ID of the instance.
        public let instanceId: String?
        /// The AWS account ID of the owner of the instance.
        public let instanceOwnerId: String?
        /// The attachment state. Valid values: attaching | attached | detaching | detached
        public let status: String?

        public init(attachmentId: String? = nil, attachTime: String? = nil, deleteOnTermination: Bool? = nil, deviceIndex: Int? = nil, instanceId: String? = nil, instanceOwnerId: String? = nil, status: String? = nil) {
            self.attachmentId = attachmentId
            self.attachTime = attachTime
            self.deleteOnTermination = deleteOnTermination
            self.deviceIndex = deviceIndex
            self.instanceId = instanceId
            self.instanceOwnerId = instanceOwnerId
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.attachmentId, name: "attachmentId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.attachTime, name: "attachTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceId, name: "instanceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceOwnerId, name: "instanceOwnerId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attachmentId = "AttachmentId"
            case attachTime = "AttachTime"
            case deleteOnTermination = "DeleteOnTermination"
            case deviceIndex = "DeviceIndex"
            case instanceId = "InstanceId"
            case instanceOwnerId = "InstanceOwnerId"
            case status = "Status"
        }
    }

    public struct AwsEc2NetworkInterfaceDetails: AWSEncodableShape & AWSDecodableShape {
        /// The network interface attachment.
        public let attachment: AwsEc2NetworkInterfaceAttachment?
        /// The IPv6 addresses associated with the network interface.
        public let ipV6Addresses: [AwsEc2NetworkInterfaceIpV6AddressDetail]?
        /// The ID of the network interface.
        public let networkInterfaceId: String?
        /// The private IPv4 addresses associated with the network interface.
        public let privateIpAddresses: [AwsEc2NetworkInterfacePrivateIpAddressDetail]?
        /// The public DNS name of the network interface.
        public let publicDnsName: String?
        /// The address of the Elastic IP address bound to the network interface.
        public let publicIp: String?
        /// Security groups for the network interface.
        public let securityGroups: [AwsEc2NetworkInterfaceSecurityGroup]?
        /// Indicates whether traffic to or from the instance is validated.
        public let sourceDestCheck: Bool?

        public init(attachment: AwsEc2NetworkInterfaceAttachment? = nil, ipV6Addresses: [AwsEc2NetworkInterfaceIpV6AddressDetail]? = nil, networkInterfaceId: String? = nil, privateIpAddresses: [AwsEc2NetworkInterfacePrivateIpAddressDetail]? = nil, publicDnsName: String? = nil, publicIp: String? = nil, securityGroups: [AwsEc2NetworkInterfaceSecurityGroup]? = nil, sourceDestCheck: Bool? = nil) {
            self.attachment = attachment
            self.ipV6Addresses = ipV6Addresses
            self.networkInterfaceId = networkInterfaceId
            self.privateIpAddresses = privateIpAddresses
            self.publicDnsName = publicDnsName
            self.publicIp = publicIp
            self.securityGroups = securityGroups
            self.sourceDestCheck = sourceDestCheck
        }

        public func validate(name: String) throws {
            try self.attachment?.validate(name: "\(name).attachment")
            try self.ipV6Addresses?.forEach {
                try $0.validate(name: "\(name).ipV6Addresses[]")
            }
            try self.validate(self.networkInterfaceId, name: "networkInterfaceId", parent: name, pattern: ".*\\S.*")
            try self.privateIpAddresses?.forEach {
                try $0.validate(name: "\(name).privateIpAddresses[]")
            }
            try self.validate(self.publicDnsName, name: "publicDnsName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.publicIp, name: "publicIp", parent: name, pattern: ".*\\S.*")
            try self.securityGroups?.forEach {
                try $0.validate(name: "\(name).securityGroups[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case attachment = "Attachment"
            case ipV6Addresses = "IpV6Addresses"
            case networkInterfaceId = "NetworkInterfaceId"
            case privateIpAddresses = "PrivateIpAddresses"
            case publicDnsName = "PublicDnsName"
            case publicIp = "PublicIp"
            case securityGroups = "SecurityGroups"
            case sourceDestCheck = "SourceDestCheck"
        }
    }

    public struct AwsEc2NetworkInterfaceIpV6AddressDetail: AWSEncodableShape & AWSDecodableShape {
        /// The IPV6 address.
        public let ipV6Address: String?

        public init(ipV6Address: String? = nil) {
            self.ipV6Address = ipV6Address
        }

        public func validate(name: String) throws {
            try self.validate(self.ipV6Address, name: "ipV6Address", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case ipV6Address = "IpV6Address"
        }
    }

    public struct AwsEc2NetworkInterfacePrivateIpAddressDetail: AWSEncodableShape & AWSDecodableShape {
        /// The private DNS name for the IP address.
        public let privateDnsName: String?
        /// The IP address.
        public let privateIpAddress: String?

        public init(privateDnsName: String? = nil, privateIpAddress: String? = nil) {
            self.privateDnsName = privateDnsName
            self.privateIpAddress = privateIpAddress
        }

        public func validate(name: String) throws {
            try self.validate(self.privateDnsName, name: "privateDnsName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.privateIpAddress, name: "privateIpAddress", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case privateDnsName = "PrivateDnsName"
            case privateIpAddress = "PrivateIpAddress"
        }
    }

    public struct AwsEc2NetworkInterfaceSecurityGroup: AWSEncodableShape & AWSDecodableShape {
        /// The ID of the security group.
        public let groupId: String?
        /// The name of the security group.
        public let groupName: String?

        public init(groupId: String? = nil, groupName: String? = nil) {
            self.groupId = groupId
            self.groupName = groupName
        }

        public func validate(name: String) throws {
            try self.validate(self.groupId, name: "groupId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.groupName, name: "groupName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case groupId = "GroupId"
            case groupName = "GroupName"
        }
    }

    public struct AwsEc2SecurityGroupDetails: AWSEncodableShape & AWSDecodableShape {
        /// The ID of the security group.
        public let groupId: String?
        /// The name of the security group.
        public let groupName: String?
        /// The inbound rules associated with the security group.
        public let ipPermissions: [AwsEc2SecurityGroupIpPermission]?
        /// [VPC only] The outbound rules associated with the security group.
        public let ipPermissionsEgress: [AwsEc2SecurityGroupIpPermission]?
        /// The AWS account ID of the owner of the security group.
        public let ownerId: String?
        /// [VPC only] The ID of the VPC for the security group.
        public let vpcId: String?

        public init(groupId: String? = nil, groupName: String? = nil, ipPermissions: [AwsEc2SecurityGroupIpPermission]? = nil, ipPermissionsEgress: [AwsEc2SecurityGroupIpPermission]? = nil, ownerId: String? = nil, vpcId: String? = nil) {
            self.groupId = groupId
            self.groupName = groupName
            self.ipPermissions = ipPermissions
            self.ipPermissionsEgress = ipPermissionsEgress
            self.ownerId = ownerId
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.groupId, name: "groupId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.groupName, name: "groupName", parent: name, pattern: ".*\\S.*")
            try self.ipPermissions?.forEach {
                try $0.validate(name: "\(name).ipPermissions[]")
            }
            try self.ipPermissionsEgress?.forEach {
                try $0.validate(name: "\(name).ipPermissionsEgress[]")
            }
            try self.validate(self.ownerId, name: "ownerId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case groupId = "GroupId"
            case groupName = "GroupName"
            case ipPermissions = "IpPermissions"
            case ipPermissionsEgress = "IpPermissionsEgress"
            case ownerId = "OwnerId"
            case vpcId = "VpcId"
        }
    }

    public struct AwsEc2SecurityGroupIpPermission: AWSEncodableShape & AWSDecodableShape {
        /// The start of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
        public let fromPort: Int?
        /// The IP protocol name (tcp, udp, icmp, icmpv6) or number. [VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range is optional. If you omit the port range, traffic for all types and codes is allowed.
        public let ipProtocol: String?
        /// The IPv4 ranges.
        public let ipRanges: [AwsEc2SecurityGroupIpRange]?
        /// The IPv6 ranges.
        public let ipv6Ranges: [AwsEc2SecurityGroupIpv6Range]?
        /// [VPC only] The prefix list IDs for an AWS service. With outbound rules, this is the AWS service to access through a VPC endpoint from instances associated with the security group.
        public let prefixListIds: [AwsEc2SecurityGroupPrefixListId]?
        /// The end of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
        public let toPort: Int?
        /// The security group and AWS account ID pairs.
        public let userIdGroupPairs: [AwsEc2SecurityGroupUserIdGroupPair]?

        public init(fromPort: Int? = nil, ipProtocol: String? = nil, ipRanges: [AwsEc2SecurityGroupIpRange]? = nil, ipv6Ranges: [AwsEc2SecurityGroupIpv6Range]? = nil, prefixListIds: [AwsEc2SecurityGroupPrefixListId]? = nil, toPort: Int? = nil, userIdGroupPairs: [AwsEc2SecurityGroupUserIdGroupPair]? = nil) {
            self.fromPort = fromPort
            self.ipProtocol = ipProtocol
            self.ipRanges = ipRanges
            self.ipv6Ranges = ipv6Ranges
            self.prefixListIds = prefixListIds
            self.toPort = toPort
            self.userIdGroupPairs = userIdGroupPairs
        }

        public func validate(name: String) throws {
            try self.validate(self.ipProtocol, name: "ipProtocol", parent: name, pattern: ".*\\S.*")
            try self.ipRanges?.forEach {
                try $0.validate(name: "\(name).ipRanges[]")
            }
            try self.ipv6Ranges?.forEach {
                try $0.validate(name: "\(name).ipv6Ranges[]")
            }
            try self.prefixListIds?.forEach {
                try $0.validate(name: "\(name).prefixListIds[]")
            }
            try self.userIdGroupPairs?.forEach {
                try $0.validate(name: "\(name).userIdGroupPairs[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case fromPort = "FromPort"
            case ipProtocol = "IpProtocol"
            case ipRanges = "IpRanges"
            case ipv6Ranges = "Ipv6Ranges"
            case prefixListIds = "PrefixListIds"
            case toPort = "ToPort"
            case userIdGroupPairs = "UserIdGroupPairs"
        }
    }

    public struct AwsEc2SecurityGroupIpRange: AWSEncodableShape & AWSDecodableShape {
        /// The IPv4 CIDR range. You can specify either a CIDR range or a source security group, but not both. To specify a single IPv4 address, use the /32 prefix length.
        public let cidrIp: String?

        public init(cidrIp: String? = nil) {
            self.cidrIp = cidrIp
        }

        public func validate(name: String) throws {
            try self.validate(self.cidrIp, name: "cidrIp", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cidrIp = "CidrIp"
        }
    }

    public struct AwsEc2SecurityGroupIpv6Range: AWSEncodableShape & AWSDecodableShape {
        /// The IPv6 CIDR range. You can specify either a CIDR range or a source security group, but not both. To specify a single IPv6 address, use the /128 prefix length.
        public let cidrIpv6: String?

        public init(cidrIpv6: String? = nil) {
            self.cidrIpv6 = cidrIpv6
        }

        public func validate(name: String) throws {
            try self.validate(self.cidrIpv6, name: "cidrIpv6", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cidrIpv6 = "CidrIpv6"
        }
    }

    public struct AwsEc2SecurityGroupPrefixListId: AWSEncodableShape & AWSDecodableShape {
        /// The ID of the prefix.
        public let prefixListId: String?

        public init(prefixListId: String? = nil) {
            self.prefixListId = prefixListId
        }

        public func validate(name: String) throws {
            try self.validate(self.prefixListId, name: "prefixListId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case prefixListId = "PrefixListId"
        }
    }

    public struct AwsEc2SecurityGroupUserIdGroupPair: AWSEncodableShape & AWSDecodableShape {
        /// The ID of the security group.
        public let groupId: String?
        /// The name of the security group.
        public let groupName: String?
        /// The status of a VPC peering connection, if applicable.
        public let peeringStatus: String?
        /// The ID of an AWS account. For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned. [EC2-Classic] Required when adding or removing rules that reference a security group in another AWS.
        public let userId: String?
        /// The ID of the VPC for the referenced security group, if applicable.
        public let vpcId: String?
        /// The ID of the VPC peering connection, if applicable.
        public let vpcPeeringConnectionId: String?

        public init(groupId: String? = nil, groupName: String? = nil, peeringStatus: String? = nil, userId: String? = nil, vpcId: String? = nil, vpcPeeringConnectionId: String? = nil) {
            self.groupId = groupId
            self.groupName = groupName
            self.peeringStatus = peeringStatus
            self.userId = userId
            self.vpcId = vpcId
            self.vpcPeeringConnectionId = vpcPeeringConnectionId
        }

        public func validate(name: String) throws {
            try self.validate(self.groupId, name: "groupId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.groupName, name: "groupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.peeringStatus, name: "peeringStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.userId, name: "userId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcPeeringConnectionId, name: "vpcPeeringConnectionId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case groupId = "GroupId"
            case groupName = "GroupName"
            case peeringStatus = "PeeringStatus"
            case userId = "UserId"
            case vpcId = "VpcId"
            case vpcPeeringConnectionId = "VpcPeeringConnectionId"
        }
    }

    public struct AwsEc2VolumeAttachment: AWSEncodableShape & AWSDecodableShape {
        /// The datetime when the attachment initiated.
        public let attachTime: String?
        /// Whether the EBS volume is deleted when the EC2 instance is terminated.
        public let deleteOnTermination: Bool?
        /// The identifier of the EC2 instance.
        public let instanceId: String?
        /// The attachment state of the volume.
        public let status: String?

        public init(attachTime: String? = nil, deleteOnTermination: Bool? = nil, instanceId: String? = nil, status: String? = nil) {
            self.attachTime = attachTime
            self.deleteOnTermination = deleteOnTermination
            self.instanceId = instanceId
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.attachTime, name: "attachTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceId, name: "instanceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attachTime = "AttachTime"
            case deleteOnTermination = "DeleteOnTermination"
            case instanceId = "InstanceId"
            case status = "Status"
        }
    }

    public struct AwsEc2VolumeDetails: AWSEncodableShape & AWSDecodableShape {
        /// The volume attachments.
        public let attachments: [AwsEc2VolumeAttachment]?
        /// Indicates when the volume was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createTime: String?
        /// Whether the volume is encrypted.
        public let encrypted: Bool?
        /// The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the volume.
        public let kmsKeyId: String?
        /// The size of the volume, in GiBs.
        public let size: Int?
        /// The snapshot from which the volume was created.
        public let snapshotId: String?
        /// The volume state.
        public let status: String?

        public init(attachments: [AwsEc2VolumeAttachment]? = nil, createTime: String? = nil, encrypted: Bool? = nil, kmsKeyId: String? = nil, size: Int? = nil, snapshotId: String? = nil, status: String? = nil) {
            self.attachments = attachments
            self.createTime = createTime
            self.encrypted = encrypted
            self.kmsKeyId = kmsKeyId
            self.size = size
            self.snapshotId = snapshotId
            self.status = status
        }

        public func validate(name: String) throws {
            try self.attachments?.forEach {
                try $0.validate(name: "\(name).attachments[]")
            }
            try self.validate(self.createTime, name: "createTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snapshotId, name: "snapshotId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attachments = "Attachments"
            case createTime = "CreateTime"
            case encrypted = "Encrypted"
            case kmsKeyId = "KmsKeyId"
            case size = "Size"
            case snapshotId = "SnapshotId"
            case status = "Status"
        }
    }

    public struct AwsEc2VpcDetails: AWSEncodableShape & AWSDecodableShape {
        /// Information about the IPv4 CIDR blocks associated with the VPC.
        public let cidrBlockAssociationSet: [CidrBlockAssociation]?
        /// The identifier of the set of Dynamic Host Configuration Protocol (DHCP) options that are associated with the VPC. If the default options are associated with the VPC, then this is default.
        public let dhcpOptionsId: String?
        /// Information about the IPv6 CIDR blocks associated with the VPC.
        public let ipv6CidrBlockAssociationSet: [Ipv6CidrBlockAssociation]?
        /// The current state of the VPC.
        public let state: String?

        public init(cidrBlockAssociationSet: [CidrBlockAssociation]? = nil, dhcpOptionsId: String? = nil, ipv6CidrBlockAssociationSet: [Ipv6CidrBlockAssociation]? = nil, state: String? = nil) {
            self.cidrBlockAssociationSet = cidrBlockAssociationSet
            self.dhcpOptionsId = dhcpOptionsId
            self.ipv6CidrBlockAssociationSet = ipv6CidrBlockAssociationSet
            self.state = state
        }

        public func validate(name: String) throws {
            try self.cidrBlockAssociationSet?.forEach {
                try $0.validate(name: "\(name).cidrBlockAssociationSet[]")
            }
            try self.validate(self.dhcpOptionsId, name: "dhcpOptionsId", parent: name, pattern: ".*\\S.*")
            try self.ipv6CidrBlockAssociationSet?.forEach {
                try $0.validate(name: "\(name).ipv6CidrBlockAssociationSet[]")
            }
            try self.validate(self.state, name: "state", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cidrBlockAssociationSet = "CidrBlockAssociationSet"
            case dhcpOptionsId = "DhcpOptionsId"
            case ipv6CidrBlockAssociationSet = "Ipv6CidrBlockAssociationSet"
            case state = "State"
        }
    }

    public struct AwsElasticsearchDomainDetails: AWSEncodableShape & AWSDecodableShape {
        /// IAM policy document specifying the access policies for the new Amazon ES domain.
        public let accessPolicies: String?
        /// Additional options for the domain endpoint.
        public let domainEndpointOptions: AwsElasticsearchDomainDomainEndpointOptions?
        /// Unique identifier for an Amazon ES domain.
        public let domainId: String?
        /// Name of an Amazon ES domain. Domain names are unique across all domains owned by the same account within an AWS Region. Domain names must start with a lowercase letter and must be between 3 and 28 characters. Valid characters are a-z (lowercase only), 0-9, and – (hyphen).
        public let domainName: String?
        /// Elasticsearch version.
        public let elasticsearchVersion: String?
        /// Details about the configuration for encryption at rest.
        public let encryptionAtRestOptions: AwsElasticsearchDomainEncryptionAtRestOptions?
        /// Domain-specific endpoint used to submit index, search, and data upload requests to an Amazon ES domain. The endpoint is a service URL.
        public let endpoint: String?
        /// The key-value pair that exists if the Amazon ES domain uses VPC endpoints.
        public let endpoints: [String: String]?
        /// Details about the configuration for node-to-node encryption.
        public let nodeToNodeEncryptionOptions: AwsElasticsearchDomainNodeToNodeEncryptionOptions?
        /// Information that Amazon ES derives based on VPCOptions for the domain.
        public let vPCOptions: AwsElasticsearchDomainVPCOptions?

        public init(accessPolicies: String? = nil, domainEndpointOptions: AwsElasticsearchDomainDomainEndpointOptions? = nil, domainId: String? = nil, domainName: String? = nil, elasticsearchVersion: String? = nil, encryptionAtRestOptions: AwsElasticsearchDomainEncryptionAtRestOptions? = nil, endpoint: String? = nil, endpoints: [String: String]? = nil, nodeToNodeEncryptionOptions: AwsElasticsearchDomainNodeToNodeEncryptionOptions? = nil, vPCOptions: AwsElasticsearchDomainVPCOptions? = nil) {
            self.accessPolicies = accessPolicies
            self.domainEndpointOptions = domainEndpointOptions
            self.domainId = domainId
            self.domainName = domainName
            self.elasticsearchVersion = elasticsearchVersion
            self.encryptionAtRestOptions = encryptionAtRestOptions
            self.endpoint = endpoint
            self.endpoints = endpoints
            self.nodeToNodeEncryptionOptions = nodeToNodeEncryptionOptions
            self.vPCOptions = vPCOptions
        }

        public func validate(name: String) throws {
            try self.validate(self.accessPolicies, name: "accessPolicies", parent: name, pattern: ".*\\S.*")
            try self.domainEndpointOptions?.validate(name: "\(name).domainEndpointOptions")
            try self.validate(self.domainId, name: "domainId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.domainName, name: "domainName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.elasticsearchVersion, name: "elasticsearchVersion", parent: name, pattern: ".*\\S.*")
            try self.encryptionAtRestOptions?.validate(name: "\(name).encryptionAtRestOptions")
            try self.validate(self.endpoint, name: "endpoint", parent: name, pattern: ".*\\S.*")
            try self.endpoints?.forEach {
                try validate($0.key, name: "endpoints.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "endpoints[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
            try self.vPCOptions?.validate(name: "\(name).vPCOptions")
        }

        private enum CodingKeys: String, CodingKey {
            case accessPolicies = "AccessPolicies"
            case domainEndpointOptions = "DomainEndpointOptions"
            case domainId = "DomainId"
            case domainName = "DomainName"
            case elasticsearchVersion = "ElasticsearchVersion"
            case encryptionAtRestOptions = "EncryptionAtRestOptions"
            case endpoint = "Endpoint"
            case endpoints = "Endpoints"
            case nodeToNodeEncryptionOptions = "NodeToNodeEncryptionOptions"
            case vPCOptions = "VPCOptions"
        }
    }

    public struct AwsElasticsearchDomainDomainEndpointOptions: AWSEncodableShape & AWSDecodableShape {
        /// Whether to require that all traffic to the domain arrive over HTTPS.
        public let enforceHTTPS: Bool?
        /// The TLS security policy to apply to the HTTPS endpoint of the Elasticsearch domain. Valid values:    Policy-Min-TLS-1-0-2019-07, which supports TLSv1.0 and higher    Policy-Min-TLS-1-2-2019-07, which only supports TLSv1.2
        public let tLSSecurityPolicy: String?

        public init(enforceHTTPS: Bool? = nil, tLSSecurityPolicy: String? = nil) {
            self.enforceHTTPS = enforceHTTPS
            self.tLSSecurityPolicy = tLSSecurityPolicy
        }

        public func validate(name: String) throws {
            try self.validate(self.tLSSecurityPolicy, name: "tLSSecurityPolicy", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case enforceHTTPS = "EnforceHTTPS"
            case tLSSecurityPolicy = "TLSSecurityPolicy"
        }
    }

    public struct AwsElasticsearchDomainEncryptionAtRestOptions: AWSEncodableShape & AWSDecodableShape {
        /// Whether encryption at rest is enabled.
        public let enabled: Bool?
        /// The KMS key ID. Takes the form 1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a.
        public let kmsKeyId: String?

        public init(enabled: Bool? = nil, kmsKeyId: String? = nil) {
            self.enabled = enabled
            self.kmsKeyId = kmsKeyId
        }

        public func validate(name: String) throws {
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case enabled = "Enabled"
            case kmsKeyId = "KmsKeyId"
        }
    }

    public struct AwsElasticsearchDomainNodeToNodeEncryptionOptions: AWSEncodableShape & AWSDecodableShape {
        /// Whether node-to-node encryption is enabled.
        public let enabled: Bool?

        public init(enabled: Bool? = nil) {
            self.enabled = enabled
        }

        private enum CodingKeys: String, CodingKey {
            case enabled = "Enabled"
        }
    }

    public struct AwsElasticsearchDomainVPCOptions: AWSEncodableShape & AWSDecodableShape {
        /// The list of Availability Zones associated with the VPC subnets.
        public let availabilityZones: [String]?
        /// The list of security group IDs associated with the VPC endpoints for the domain.
        public let securityGroupIds: [String]?
        /// A list of subnet IDs associated with the VPC endpoints for the domain.
        public let subnetIds: [String]?
        /// ID for the VPC.
        public let vPCId: String?

        public init(availabilityZones: [String]? = nil, securityGroupIds: [String]? = nil, subnetIds: [String]? = nil, vPCId: String? = nil) {
            self.availabilityZones = availabilityZones
            self.securityGroupIds = securityGroupIds
            self.subnetIds = subnetIds
            self.vPCId = vPCId
        }

        public func validate(name: String) throws {
            try self.availabilityZones?.forEach {
                try validate($0, name: "availabilityZones[]", parent: name, pattern: ".*\\S.*")
            }
            try self.securityGroupIds?.forEach {
                try validate($0, name: "securityGroupIds[]", parent: name, pattern: ".*\\S.*")
            }
            try self.subnetIds?.forEach {
                try validate($0, name: "subnetIds[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.vPCId, name: "vPCId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case availabilityZones = "AvailabilityZones"
            case securityGroupIds = "SecurityGroupIds"
            case subnetIds = "SubnetIds"
            case vPCId = "VPCId"
        }
    }

    public struct AwsElbAppCookieStickinessPolicy: AWSEncodableShape & AWSDecodableShape {
        /// The name of the application cookie used for stickiness.
        public let cookieName: String?
        /// The mnemonic name for the policy being created. The name must be unique within the set of policies for the load balancer.
        public let policyName: String?

        public init(cookieName: String? = nil, policyName: String? = nil) {
            self.cookieName = cookieName
            self.policyName = policyName
        }

        public func validate(name: String) throws {
            try self.validate(self.cookieName, name: "cookieName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cookieName = "CookieName"
            case policyName = "PolicyName"
        }
    }

    public struct AwsElbLbCookieStickinessPolicy: AWSEncodableShape & AWSDecodableShape {
        /// The amount of time, in seconds, after which the cookie is considered stale. If an expiration period is not specified, the stickiness session lasts for the duration of the browser session.
        public let cookieExpirationPeriod: Int64?
        /// The name of the policy. The name must be unique within the set of policies for the load balancer.
        public let policyName: String?

        public init(cookieExpirationPeriod: Int64? = nil, policyName: String? = nil) {
            self.cookieExpirationPeriod = cookieExpirationPeriod
            self.policyName = policyName
        }

        public func validate(name: String) throws {
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cookieExpirationPeriod = "CookieExpirationPeriod"
            case policyName = "PolicyName"
        }
    }

    public struct AwsElbLoadBalancerAccessLog: AWSEncodableShape & AWSDecodableShape {
        /// The interval in minutes for publishing the access logs. You can publish access logs either every 5 minutes or every 60 minutes.
        public let emitInterval: Int?
        /// Indicates whether access logs are enabled for the load balancer.
        public let enabled: Bool?
        /// The name of the S3 bucket where the access logs are stored.
        public let s3BucketName: String?
        /// The logical hierarchy that was created for the S3 bucket. If a prefix is not provided, the log is placed at the root level of the bucket.
        public let s3BucketPrefix: String?

        public init(emitInterval: Int? = nil, enabled: Bool? = nil, s3BucketName: String? = nil, s3BucketPrefix: String? = nil) {
            self.emitInterval = emitInterval
            self.enabled = enabled
            self.s3BucketName = s3BucketName
            self.s3BucketPrefix = s3BucketPrefix
        }

        public func validate(name: String) throws {
            try self.validate(self.s3BucketName, name: "s3BucketName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.s3BucketPrefix, name: "s3BucketPrefix", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case emitInterval = "EmitInterval"
            case enabled = "Enabled"
            case s3BucketName = "S3BucketName"
            case s3BucketPrefix = "S3BucketPrefix"
        }
    }

    public struct AwsElbLoadBalancerAttributes: AWSEncodableShape & AWSDecodableShape {
        /// Information about the access log configuration for the load balancer. If the access log is enabled, the load balancer captures detailed information about all requests. It delivers the information to a specified S3 bucket.
        public let accessLog: AwsElbLoadBalancerAccessLog?
        /// Information about the connection draining configuration for the load balancer. If connection draining is enabled, the load balancer allows existing requests to complete before it shifts traffic away from a deregistered or unhealthy instance.
        public let connectionDraining: AwsElbLoadBalancerConnectionDraining?
        /// Connection settings for the load balancer. If an idle timeout is configured, the load balancer allows connections to remain idle for the specified duration. When a connection is idle, no data is sent over the connection.
        public let connectionSettings: AwsElbLoadBalancerConnectionSettings?
        /// Cross-zone load balancing settings for the load balancer. If cross-zone load balancing is enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.
        public let crossZoneLoadBalancing: AwsElbLoadBalancerCrossZoneLoadBalancing?

        public init(accessLog: AwsElbLoadBalancerAccessLog? = nil, connectionDraining: AwsElbLoadBalancerConnectionDraining? = nil, connectionSettings: AwsElbLoadBalancerConnectionSettings? = nil, crossZoneLoadBalancing: AwsElbLoadBalancerCrossZoneLoadBalancing? = nil) {
            self.accessLog = accessLog
            self.connectionDraining = connectionDraining
            self.connectionSettings = connectionSettings
            self.crossZoneLoadBalancing = crossZoneLoadBalancing
        }

        public func validate(name: String) throws {
            try self.accessLog?.validate(name: "\(name).accessLog")
        }

        private enum CodingKeys: String, CodingKey {
            case accessLog = "AccessLog"
            case connectionDraining = "ConnectionDraining"
            case connectionSettings = "ConnectionSettings"
            case crossZoneLoadBalancing = "CrossZoneLoadBalancing"
        }
    }

    public struct AwsElbLoadBalancerBackendServerDescription: AWSEncodableShape & AWSDecodableShape {
        /// The port on which the EC2 instance is listening.
        public let instancePort: Int?
        /// The names of the policies that are enabled for the EC2 instance.
        public let policyNames: [String]?

        public init(instancePort: Int? = nil, policyNames: [String]? = nil) {
            self.instancePort = instancePort
            self.policyNames = policyNames
        }

        public func validate(name: String) throws {
            try self.policyNames?.forEach {
                try validate($0, name: "policyNames[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case instancePort = "InstancePort"
            case policyNames = "PolicyNames"
        }
    }

    public struct AwsElbLoadBalancerConnectionDraining: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether connection draining is enabled for the load balancer.
        public let enabled: Bool?
        /// The maximum time, in seconds, to keep the existing connections open before deregistering the instances.
        public let timeout: Int?

        public init(enabled: Bool? = nil, timeout: Int? = nil) {
            self.enabled = enabled
            self.timeout = timeout
        }

        private enum CodingKeys: String, CodingKey {
            case enabled = "Enabled"
            case timeout = "Timeout"
        }
    }

    public struct AwsElbLoadBalancerConnectionSettings: AWSEncodableShape & AWSDecodableShape {
        /// The time, in seconds, that the connection can be idle (no data is sent over the connection) before it is closed by the load balancer.
        public let idleTimeout: Int?

        public init(idleTimeout: Int? = nil) {
            self.idleTimeout = idleTimeout
        }

        private enum CodingKeys: String, CodingKey {
            case idleTimeout = "IdleTimeout"
        }
    }

    public struct AwsElbLoadBalancerCrossZoneLoadBalancing: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether cross-zone load balancing is enabled for the load balancer.
        public let enabled: Bool?

        public init(enabled: Bool? = nil) {
            self.enabled = enabled
        }

        private enum CodingKeys: String, CodingKey {
            case enabled = "Enabled"
        }
    }

    public struct AwsElbLoadBalancerDetails: AWSEncodableShape & AWSDecodableShape {
        /// The list of Availability Zones for the load balancer.
        public let availabilityZones: [String]?
        /// Information about the configuration of the EC2 instances.
        public let backendServerDescriptions: [AwsElbLoadBalancerBackendServerDescription]?
        /// The name of the Amazon Route 53 hosted zone for the load balancer.
        public let canonicalHostedZoneName: String?
        /// The ID of the Amazon Route 53 hosted zone for the load balancer.
        public let canonicalHostedZoneNameID: String?
        /// Indicates when the load balancer was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdTime: String?
        /// The DNS name of the load balancer.
        public let dnsName: String?
        /// Information about the health checks that are conducted on the load balancer.
        public let healthCheck: AwsElbLoadBalancerHealthCheck?
        /// List of EC2 instances for the load balancer.
        public let instances: [AwsElbLoadBalancerInstance]?
        /// The policies that are enabled for the load balancer listeners.
        public let listenerDescriptions: [AwsElbLoadBalancerListenerDescription]?
        /// The attributes for a load balancer.
        public let loadBalancerAttributes: AwsElbLoadBalancerAttributes?
        /// The name of the load balancer.
        public let loadBalancerName: String?
        /// The policies for a load balancer.
        public let policies: AwsElbLoadBalancerPolicies?
        /// The type of load balancer. Only provided if the load balancer is in a VPC. If Scheme is internet-facing, the load balancer has a public DNS name that resolves to a public IP address. If Scheme is internal, the load balancer has a public DNS name that resolves to a private IP address.
        public let scheme: String?
        /// The security groups for the load balancer. Only provided if the load balancer is in a VPC.
        public let securityGroups: [String]?
        /// Information about the security group for the load balancer. This is the security group that is used for inbound rules.
        public let sourceSecurityGroup: AwsElbLoadBalancerSourceSecurityGroup?
        /// The list of subnet identifiers for the load balancer.
        public let subnets: [String]?
        /// The identifier of the VPC for the load balancer.
        public let vpcId: String?

        public init(availabilityZones: [String]? = nil, backendServerDescriptions: [AwsElbLoadBalancerBackendServerDescription]? = nil, canonicalHostedZoneName: String? = nil, canonicalHostedZoneNameID: String? = nil, createdTime: String? = nil, dnsName: String? = nil, healthCheck: AwsElbLoadBalancerHealthCheck? = nil, instances: [AwsElbLoadBalancerInstance]? = nil, listenerDescriptions: [AwsElbLoadBalancerListenerDescription]? = nil, loadBalancerAttributes: AwsElbLoadBalancerAttributes? = nil, loadBalancerName: String? = nil, policies: AwsElbLoadBalancerPolicies? = nil, scheme: String? = nil, securityGroups: [String]? = nil, sourceSecurityGroup: AwsElbLoadBalancerSourceSecurityGroup? = nil, subnets: [String]? = nil, vpcId: String? = nil) {
            self.availabilityZones = availabilityZones
            self.backendServerDescriptions = backendServerDescriptions
            self.canonicalHostedZoneName = canonicalHostedZoneName
            self.canonicalHostedZoneNameID = canonicalHostedZoneNameID
            self.createdTime = createdTime
            self.dnsName = dnsName
            self.healthCheck = healthCheck
            self.instances = instances
            self.listenerDescriptions = listenerDescriptions
            self.loadBalancerAttributes = loadBalancerAttributes
            self.loadBalancerName = loadBalancerName
            self.policies = policies
            self.scheme = scheme
            self.securityGroups = securityGroups
            self.sourceSecurityGroup = sourceSecurityGroup
            self.subnets = subnets
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.availabilityZones?.forEach {
                try validate($0, name: "availabilityZones[]", parent: name, pattern: ".*\\S.*")
            }
            try self.backendServerDescriptions?.forEach {
                try $0.validate(name: "\(name).backendServerDescriptions[]")
            }
            try self.validate(self.canonicalHostedZoneName, name: "canonicalHostedZoneName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.canonicalHostedZoneNameID, name: "canonicalHostedZoneNameID", parent: name, pattern: ".*\\S.*")
            try self.validate(self.createdTime, name: "createdTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dnsName, name: "dnsName", parent: name, pattern: ".*\\S.*")
            try self.healthCheck?.validate(name: "\(name).healthCheck")
            try self.instances?.forEach {
                try $0.validate(name: "\(name).instances[]")
            }
            try self.listenerDescriptions?.forEach {
                try $0.validate(name: "\(name).listenerDescriptions[]")
            }
            try self.loadBalancerAttributes?.validate(name: "\(name).loadBalancerAttributes")
            try self.validate(self.loadBalancerName, name: "loadBalancerName", parent: name, pattern: ".*\\S.*")
            try self.policies?.validate(name: "\(name).policies")
            try self.validate(self.scheme, name: "scheme", parent: name, pattern: ".*\\S.*")
            try self.securityGroups?.forEach {
                try validate($0, name: "securityGroups[]", parent: name, pattern: ".*\\S.*")
            }
            try self.sourceSecurityGroup?.validate(name: "\(name).sourceSecurityGroup")
            try self.subnets?.forEach {
                try validate($0, name: "subnets[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case availabilityZones = "AvailabilityZones"
            case backendServerDescriptions = "BackendServerDescriptions"
            case canonicalHostedZoneName = "CanonicalHostedZoneName"
            case canonicalHostedZoneNameID = "CanonicalHostedZoneNameID"
            case createdTime = "CreatedTime"
            case dnsName = "DnsName"
            case healthCheck = "HealthCheck"
            case instances = "Instances"
            case listenerDescriptions = "ListenerDescriptions"
            case loadBalancerAttributes = "LoadBalancerAttributes"
            case loadBalancerName = "LoadBalancerName"
            case policies = "Policies"
            case scheme = "Scheme"
            case securityGroups = "SecurityGroups"
            case sourceSecurityGroup = "SourceSecurityGroup"
            case subnets = "Subnets"
            case vpcId = "VpcId"
        }
    }

    public struct AwsElbLoadBalancerHealthCheck: AWSEncodableShape & AWSDecodableShape {
        /// The number of consecutive health check successes required before the instance is moved to the Healthy state.
        public let healthyThreshold: Int?
        /// The approximate interval, in seconds, between health checks of an individual instance.
        public let interval: Int?
        /// The instance that is being checked. The target specifies the protocol and port. The available protocols are TCP, SSL, HTTP, and HTTPS. The range of valid ports is 1 through 65535. For the HTTP and HTTPS protocols, the target also specifies the ping path. For the TCP protocol, the target is specified as TCP: &lt;port&gt; . For the SSL protocol, the target is specified as SSL.&lt;port&gt; . For the HTTP and HTTPS protocols, the target is specified as  &lt;protocol&gt;:&lt;port&gt;/&lt;path to ping&gt; .
        public let target: String?
        /// The amount of time, in seconds, during which no response means a failed health check.
        public let timeout: Int?
        /// The number of consecutive health check failures that must occur before the instance is moved to the Unhealthy state.
        public let unhealthyThreshold: Int?

        public init(healthyThreshold: Int? = nil, interval: Int? = nil, target: String? = nil, timeout: Int? = nil, unhealthyThreshold: Int? = nil) {
            self.healthyThreshold = healthyThreshold
            self.interval = interval
            self.target = target
            self.timeout = timeout
            self.unhealthyThreshold = unhealthyThreshold
        }

        public func validate(name: String) throws {
            try self.validate(self.target, name: "target", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case healthyThreshold = "HealthyThreshold"
            case interval = "Interval"
            case target = "Target"
            case timeout = "Timeout"
            case unhealthyThreshold = "UnhealthyThreshold"
        }
    }

    public struct AwsElbLoadBalancerInstance: AWSEncodableShape & AWSDecodableShape {
        /// The instance identifier.
        public let instanceId: String?

        public init(instanceId: String? = nil) {
            self.instanceId = instanceId
        }

        public func validate(name: String) throws {
            try self.validate(self.instanceId, name: "instanceId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case instanceId = "InstanceId"
        }
    }

    public struct AwsElbLoadBalancerListener: AWSEncodableShape & AWSDecodableShape {
        /// The port on which the instance is listening.
        public let instancePort: Int?
        /// The protocol to use to route traffic to instances. Valid values: HTTP | HTTPS | TCP | SSL
        public let instanceProtocol: String?
        /// The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.
        public let loadBalancerPort: Int?
        /// The load balancer transport protocol to use for routing. Valid values: HTTP | HTTPS | TCP | SSL
        public let `protocol`: String?
        /// The ARN of the server certificate.
        public let sslCertificateId: String?

        public init(instancePort: Int? = nil, instanceProtocol: String? = nil, loadBalancerPort: Int? = nil, protocol: String? = nil, sslCertificateId: String? = nil) {
            self.instancePort = instancePort
            self.instanceProtocol = instanceProtocol
            self.loadBalancerPort = loadBalancerPort
            self.`protocol` = `protocol`
            self.sslCertificateId = sslCertificateId
        }

        public func validate(name: String) throws {
            try self.validate(self.instanceProtocol, name: "instanceProtocol", parent: name, pattern: ".*\\S.*")
            try self.validate(self.`protocol`, name: "`protocol`", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sslCertificateId, name: "sslCertificateId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case instancePort = "InstancePort"
            case instanceProtocol = "InstanceProtocol"
            case loadBalancerPort = "LoadBalancerPort"
            case `protocol` = "Protocol"
            case sslCertificateId = "SslCertificateId"
        }
    }

    public struct AwsElbLoadBalancerListenerDescription: AWSEncodableShape & AWSDecodableShape {
        /// Information about the listener.
        public let listener: AwsElbLoadBalancerListener?
        /// The policies enabled for the listener.
        public let policyNames: [String]?

        public init(listener: AwsElbLoadBalancerListener? = nil, policyNames: [String]? = nil) {
            self.listener = listener
            self.policyNames = policyNames
        }

        public func validate(name: String) throws {
            try self.listener?.validate(name: "\(name).listener")
            try self.policyNames?.forEach {
                try validate($0, name: "policyNames[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case listener = "Listener"
            case policyNames = "PolicyNames"
        }
    }

    public struct AwsElbLoadBalancerPolicies: AWSEncodableShape & AWSDecodableShape {
        /// The stickiness policies that are created using CreateAppCookieStickinessPolicy.
        public let appCookieStickinessPolicies: [AwsElbAppCookieStickinessPolicy]?
        /// The stickiness policies that are created using CreateLBCookieStickinessPolicy.
        public let lbCookieStickinessPolicies: [AwsElbLbCookieStickinessPolicy]?
        /// The policies other than the stickiness policies.
        public let otherPolicies: [String]?

        public init(appCookieStickinessPolicies: [AwsElbAppCookieStickinessPolicy]? = nil, lbCookieStickinessPolicies: [AwsElbLbCookieStickinessPolicy]? = nil, otherPolicies: [String]? = nil) {
            self.appCookieStickinessPolicies = appCookieStickinessPolicies
            self.lbCookieStickinessPolicies = lbCookieStickinessPolicies
            self.otherPolicies = otherPolicies
        }

        public func validate(name: String) throws {
            try self.appCookieStickinessPolicies?.forEach {
                try $0.validate(name: "\(name).appCookieStickinessPolicies[]")
            }
            try self.lbCookieStickinessPolicies?.forEach {
                try $0.validate(name: "\(name).lbCookieStickinessPolicies[]")
            }
            try self.otherPolicies?.forEach {
                try validate($0, name: "otherPolicies[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case appCookieStickinessPolicies = "AppCookieStickinessPolicies"
            case lbCookieStickinessPolicies = "LbCookieStickinessPolicies"
            case otherPolicies = "OtherPolicies"
        }
    }

    public struct AwsElbLoadBalancerSourceSecurityGroup: AWSEncodableShape & AWSDecodableShape {
        /// The name of the security group.
        public let groupName: String?
        /// The owner of the security group.
        public let ownerAlias: String?

        public init(groupName: String? = nil, ownerAlias: String? = nil) {
            self.groupName = groupName
            self.ownerAlias = ownerAlias
        }

        public func validate(name: String) throws {
            try self.validate(self.groupName, name: "groupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.ownerAlias, name: "ownerAlias", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case groupName = "GroupName"
            case ownerAlias = "OwnerAlias"
        }
    }

    public struct AwsElbv2LoadBalancerDetails: AWSEncodableShape & AWSDecodableShape {
        /// The Availability Zones for the load balancer.
        public let availabilityZones: [AvailabilityZone]?
        /// The ID of the Amazon Route 53 hosted zone associated with the load balancer.
        public let canonicalHostedZoneId: String?
        /// Indicates when the load balancer was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdTime: String?
        /// The public DNS name of the load balancer.
        public let dNSName: String?
        /// The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
        public let ipAddressType: String?
        /// The nodes of an Internet-facing load balancer have public IP addresses.
        public let scheme: String?
        /// The IDs of the security groups for the load balancer.
        public let securityGroups: [String]?
        /// The state of the load balancer.
        public let state: LoadBalancerState?
        /// The type of load balancer.
        public let type: String?
        /// The ID of the VPC for the load balancer.
        public let vpcId: String?

        public init(availabilityZones: [AvailabilityZone]? = nil, canonicalHostedZoneId: String? = nil, createdTime: String? = nil, dNSName: String? = nil, ipAddressType: String? = nil, scheme: String? = nil, securityGroups: [String]? = nil, state: LoadBalancerState? = nil, type: String? = nil, vpcId: String? = nil) {
            self.availabilityZones = availabilityZones
            self.canonicalHostedZoneId = canonicalHostedZoneId
            self.createdTime = createdTime
            self.dNSName = dNSName
            self.ipAddressType = ipAddressType
            self.scheme = scheme
            self.securityGroups = securityGroups
            self.state = state
            self.type = type
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.availabilityZones?.forEach {
                try $0.validate(name: "\(name).availabilityZones[]")
            }
            try self.validate(self.canonicalHostedZoneId, name: "canonicalHostedZoneId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.createdTime, name: "createdTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dNSName, name: "dNSName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.ipAddressType, name: "ipAddressType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.scheme, name: "scheme", parent: name, pattern: ".*\\S.*")
            try self.securityGroups?.forEach {
                try validate($0, name: "securityGroups[]", parent: name, pattern: ".*\\S.*")
            }
            try self.state?.validate(name: "\(name).state")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case availabilityZones = "AvailabilityZones"
            case canonicalHostedZoneId = "CanonicalHostedZoneId"
            case createdTime = "CreatedTime"
            case dNSName = "DNSName"
            case ipAddressType = "IpAddressType"
            case scheme = "Scheme"
            case securityGroups = "SecurityGroups"
            case state = "State"
            case type = "Type"
            case vpcId = "VpcId"
        }
    }

    public struct AwsIamAccessKeyDetails: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the access key.
        public let accessKeyId: String?
        /// The AWS account ID of the account for the key.
        public let accountId: String?
        /// Indicates when the IAM access key was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdAt: String?
        /// The ID of the principal associated with an access key.
        public let principalId: String?
        /// The name of the principal.
        public let principalName: String?
        /// The type of principal associated with an access key.
        public let principalType: String?
        /// Information about the session that the key was used for.
        public let sessionContext: AwsIamAccessKeySessionContext?
        /// The status of the IAM access key related to a finding.
        public let status: AwsIamAccessKeyStatus?

        public init(accessKeyId: String? = nil, accountId: String? = nil, createdAt: String? = nil, principalId: String? = nil, principalName: String? = nil, principalType: String? = nil, sessionContext: AwsIamAccessKeySessionContext? = nil, status: AwsIamAccessKeyStatus? = nil) {
            self.accessKeyId = accessKeyId
            self.accountId = accountId
            self.createdAt = createdAt
            self.principalId = principalId
            self.principalName = principalName
            self.principalType = principalType
            self.sessionContext = sessionContext
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.accessKeyId, name: "accessKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.createdAt, name: "createdAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.principalId, name: "principalId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.principalName, name: "principalName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.principalType, name: "principalType", parent: name, pattern: ".*\\S.*")
            try self.sessionContext?.validate(name: "\(name).sessionContext")
        }

        private enum CodingKeys: String, CodingKey {
            case accessKeyId = "AccessKeyId"
            case accountId = "AccountId"
            case createdAt = "CreatedAt"
            case principalId = "PrincipalId"
            case principalName = "PrincipalName"
            case principalType = "PrincipalType"
            case sessionContext = "SessionContext"
            case status = "Status"
        }
    }

    public struct AwsIamAccessKeySessionContext: AWSEncodableShape & AWSDecodableShape {
        /// Attributes of the session that the key was used for.
        public let attributes: AwsIamAccessKeySessionContextAttributes?
        /// Information about the entity that created the session.
        public let sessionIssuer: AwsIamAccessKeySessionContextSessionIssuer?

        public init(attributes: AwsIamAccessKeySessionContextAttributes? = nil, sessionIssuer: AwsIamAccessKeySessionContextSessionIssuer? = nil) {
            self.attributes = attributes
            self.sessionIssuer = sessionIssuer
        }

        public func validate(name: String) throws {
            try self.attributes?.validate(name: "\(name).attributes")
            try self.sessionIssuer?.validate(name: "\(name).sessionIssuer")
        }

        private enum CodingKeys: String, CodingKey {
            case attributes = "Attributes"
            case sessionIssuer = "SessionIssuer"
        }
    }

    public struct AwsIamAccessKeySessionContextAttributes: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when the session was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let creationDate: String?
        /// Indicates whether the session used multi-factor authentication (MFA).
        public let mfaAuthenticated: Bool?

        public init(creationDate: String? = nil, mfaAuthenticated: Bool? = nil) {
            self.creationDate = creationDate
            self.mfaAuthenticated = mfaAuthenticated
        }

        public func validate(name: String) throws {
            try self.validate(self.creationDate, name: "creationDate", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case creationDate = "CreationDate"
            case mfaAuthenticated = "MfaAuthenticated"
        }
    }

    public struct AwsIamAccessKeySessionContextSessionIssuer: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the AWS account that created the session.
        public let accountId: String?
        /// The ARN of the session.
        public let arn: String?
        /// The principal ID of the principal (user, role, or group) that created the session.
        public let principalId: String?
        /// The type of principal (user, role, or group) that created the session.
        public let type: String?
        /// The name of the principal that created the session.
        public let userName: String?

        public init(accountId: String? = nil, arn: String? = nil, principalId: String? = nil, type: String? = nil, userName: String? = nil) {
            self.accountId = accountId
            self.arn = arn
            self.principalId = principalId
            self.type = type
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.arn, name: "arn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.principalId, name: "principalId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
            try self.validate(self.userName, name: "userName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case arn = "Arn"
            case principalId = "PrincipalId"
            case type = "Type"
            case userName = "UserName"
        }
    }

    public struct AwsIamAttachedManagedPolicy: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the policy.
        public let policyArn: String?
        /// The name of the policy.
        public let policyName: String?

        public init(policyArn: String? = nil, policyName: String? = nil) {
            self.policyArn = policyArn
            self.policyName = policyName
        }

        public func validate(name: String) throws {
            try self.validate(self.policyArn, name: "policyArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case policyArn = "PolicyArn"
            case policyName = "PolicyName"
        }
    }

    public struct AwsIamGroupDetails: AWSEncodableShape & AWSDecodableShape {
        /// A list of the managed policies that are attached to the IAM group.
        public let attachedManagedPolicies: [AwsIamAttachedManagedPolicy]?
        /// Indicates when the IAM group was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// The identifier of the IAM group.
        public let groupId: String?
        /// The name of the IAM group.
        public let groupName: String?
        /// The list of inline policies that are embedded in the group.
        public let groupPolicyList: [AwsIamGroupPolicy]?
        /// The path to the group.
        public let path: String?

        public init(attachedManagedPolicies: [AwsIamAttachedManagedPolicy]? = nil, createDate: String? = nil, groupId: String? = nil, groupName: String? = nil, groupPolicyList: [AwsIamGroupPolicy]? = nil, path: String? = nil) {
            self.attachedManagedPolicies = attachedManagedPolicies
            self.createDate = createDate
            self.groupId = groupId
            self.groupName = groupName
            self.groupPolicyList = groupPolicyList
            self.path = path
        }

        public func validate(name: String) throws {
            try self.attachedManagedPolicies?.forEach {
                try $0.validate(name: "\(name).attachedManagedPolicies[]")
            }
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.groupId, name: "groupId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.groupName, name: "groupName", parent: name, pattern: ".*\\S.*")
            try self.groupPolicyList?.forEach {
                try $0.validate(name: "\(name).groupPolicyList[]")
            }
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attachedManagedPolicies = "AttachedManagedPolicies"
            case createDate = "CreateDate"
            case groupId = "GroupId"
            case groupName = "GroupName"
            case groupPolicyList = "GroupPolicyList"
            case path = "Path"
        }
    }

    public struct AwsIamGroupPolicy: AWSEncodableShape & AWSDecodableShape {
        /// The name of the policy.
        public let policyName: String?

        public init(policyName: String? = nil) {
            self.policyName = policyName
        }

        public func validate(name: String) throws {
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case policyName = "PolicyName"
        }
    }

    public struct AwsIamInstanceProfile: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the instance profile.
        public let arn: String?
        /// Indicates when the instance profile was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// The identifier of the instance profile.
        public let instanceProfileId: String?
        /// The name of the instance profile.
        public let instanceProfileName: String?
        /// The path to the instance profile.
        public let path: String?
        /// The roles associated with the instance profile.
        public let roles: [AwsIamInstanceProfileRole]?

        public init(arn: String? = nil, createDate: String? = nil, instanceProfileId: String? = nil, instanceProfileName: String? = nil, path: String? = nil, roles: [AwsIamInstanceProfileRole]? = nil) {
            self.arn = arn
            self.createDate = createDate
            self.instanceProfileId = instanceProfileId
            self.instanceProfileName = instanceProfileName
            self.path = path
            self.roles = roles
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceProfileId, name: "instanceProfileId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceProfileName, name: "instanceProfileName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
            try self.roles?.forEach {
                try $0.validate(name: "\(name).roles[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case createDate = "CreateDate"
            case instanceProfileId = "InstanceProfileId"
            case instanceProfileName = "InstanceProfileName"
            case path = "Path"
            case roles = "Roles"
        }
    }

    public struct AwsIamInstanceProfileRole: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the role.
        public let arn: String?
        /// The policy that grants an entity permission to assume the role.
        public let assumeRolePolicyDocument: String?
        /// Indicates when the role was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// The path to the role.
        public let path: String?
        /// The identifier of the role.
        public let roleId: String?
        /// The name of the role.
        public let roleName: String?

        public init(arn: String? = nil, assumeRolePolicyDocument: String? = nil, createDate: String? = nil, path: String? = nil, roleId: String? = nil, roleName: String? = nil) {
            self.arn = arn
            self.assumeRolePolicyDocument = assumeRolePolicyDocument
            self.createDate = createDate
            self.path = path
            self.roleId = roleId
            self.roleName = roleName
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.assumeRolePolicyDocument, name: "assumeRolePolicyDocument", parent: name, max: 131_072)
            try self.validate(self.assumeRolePolicyDocument, name: "assumeRolePolicyDocument", parent: name, min: 1)
            try self.validate(self.assumeRolePolicyDocument, name: "assumeRolePolicyDocument", parent: name, pattern: "[\\u0009\\u000A\\u000D\\u0020-\\u007E\\u00A1-\\u00FF]+")
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
            try self.validate(self.roleId, name: "roleId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.roleName, name: "roleName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case assumeRolePolicyDocument = "AssumeRolePolicyDocument"
            case createDate = "CreateDate"
            case path = "Path"
            case roleId = "RoleId"
            case roleName = "RoleName"
        }
    }

    public struct AwsIamPermissionsBoundary: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the policy used to set the permissions boundary.
        public let permissionsBoundaryArn: String?
        /// The usage type for the permissions boundary.
        public let permissionsBoundaryType: String?

        public init(permissionsBoundaryArn: String? = nil, permissionsBoundaryType: String? = nil) {
            self.permissionsBoundaryArn = permissionsBoundaryArn
            self.permissionsBoundaryType = permissionsBoundaryType
        }

        public func validate(name: String) throws {
            try self.validate(self.permissionsBoundaryArn, name: "permissionsBoundaryArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.permissionsBoundaryType, name: "permissionsBoundaryType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case permissionsBoundaryArn = "PermissionsBoundaryArn"
            case permissionsBoundaryType = "PermissionsBoundaryType"
        }
    }

    public struct AwsIamPolicyDetails: AWSEncodableShape & AWSDecodableShape {
        /// The number of users, groups, and roles that the policy is attached to.
        public let attachmentCount: Int?
        /// When the policy was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// The identifier of the default version of the policy.
        public let defaultVersionId: String?
        /// A description of the policy.
        public let description: String?
        /// Whether the policy can be attached to a user, group, or role.
        public let isAttachable: Bool?
        /// The path to the policy.
        public let path: String?
        /// The number of users and roles that use the policy to set the permissions boundary.
        public let permissionsBoundaryUsageCount: Int?
        /// The unique identifier of the policy.
        public let policyId: String?
        /// The name of the policy.
        public let policyName: String?
        /// List of versions of the policy.
        public let policyVersionList: [AwsIamPolicyVersion]?
        /// When the policy was most recently updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let updateDate: String?

        public init(attachmentCount: Int? = nil, createDate: String? = nil, defaultVersionId: String? = nil, description: String? = nil, isAttachable: Bool? = nil, path: String? = nil, permissionsBoundaryUsageCount: Int? = nil, policyId: String? = nil, policyName: String? = nil, policyVersionList: [AwsIamPolicyVersion]? = nil, updateDate: String? = nil) {
            self.attachmentCount = attachmentCount
            self.createDate = createDate
            self.defaultVersionId = defaultVersionId
            self.description = description
            self.isAttachable = isAttachable
            self.path = path
            self.permissionsBoundaryUsageCount = permissionsBoundaryUsageCount
            self.policyId = policyId
            self.policyName = policyName
            self.policyVersionList = policyVersionList
            self.updateDate = updateDate
        }

        public func validate(name: String) throws {
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.defaultVersionId, name: "defaultVersionId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
            try self.validate(self.policyId, name: "policyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
            try self.policyVersionList?.forEach {
                try $0.validate(name: "\(name).policyVersionList[]")
            }
            try self.validate(self.updateDate, name: "updateDate", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case attachmentCount = "AttachmentCount"
            case createDate = "CreateDate"
            case defaultVersionId = "DefaultVersionId"
            case description = "Description"
            case isAttachable = "IsAttachable"
            case path = "Path"
            case permissionsBoundaryUsageCount = "PermissionsBoundaryUsageCount"
            case policyId = "PolicyId"
            case policyName = "PolicyName"
            case policyVersionList = "PolicyVersionList"
            case updateDate = "UpdateDate"
        }
    }

    public struct AwsIamPolicyVersion: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when the version was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// Whether the version is the default version.
        public let isDefaultVersion: Bool?
        /// The identifier of the policy version.
        public let versionId: String?

        public init(createDate: String? = nil, isDefaultVersion: Bool? = nil, versionId: String? = nil) {
            self.createDate = createDate
            self.isDefaultVersion = isDefaultVersion
            self.versionId = versionId
        }

        public func validate(name: String) throws {
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.validate(self.versionId, name: "versionId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case createDate = "CreateDate"
            case isDefaultVersion = "IsDefaultVersion"
            case versionId = "VersionId"
        }
    }

    public struct AwsIamRoleDetails: AWSEncodableShape & AWSDecodableShape {
        /// The trust policy that grants permission to assume the role.
        public let assumeRolePolicyDocument: String?
        /// The list of the managed policies that are attached to the role.
        public let attachedManagedPolicies: [AwsIamAttachedManagedPolicy]?
        /// Indicates when the role was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// The list of instance profiles that contain this role.
        public let instanceProfileList: [AwsIamInstanceProfile]?
        /// The maximum session duration (in seconds) that you want to set for the specified role.
        public let maxSessionDuration: Int?
        /// The path to the role.
        public let path: String?
        public let permissionsBoundary: AwsIamPermissionsBoundary?
        /// The stable and unique string identifying the role.
        public let roleId: String?
        /// The friendly name that identifies the role.
        public let roleName: String?
        /// The list of inline policies that are embedded in the role.
        public let rolePolicyList: [AwsIamRolePolicy]?

        public init(assumeRolePolicyDocument: String? = nil, attachedManagedPolicies: [AwsIamAttachedManagedPolicy]? = nil, createDate: String? = nil, instanceProfileList: [AwsIamInstanceProfile]? = nil, maxSessionDuration: Int? = nil, path: String? = nil, permissionsBoundary: AwsIamPermissionsBoundary? = nil, roleId: String? = nil, roleName: String? = nil, rolePolicyList: [AwsIamRolePolicy]? = nil) {
            self.assumeRolePolicyDocument = assumeRolePolicyDocument
            self.attachedManagedPolicies = attachedManagedPolicies
            self.createDate = createDate
            self.instanceProfileList = instanceProfileList
            self.maxSessionDuration = maxSessionDuration
            self.path = path
            self.permissionsBoundary = permissionsBoundary
            self.roleId = roleId
            self.roleName = roleName
            self.rolePolicyList = rolePolicyList
        }

        public func validate(name: String) throws {
            try self.validate(self.assumeRolePolicyDocument, name: "assumeRolePolicyDocument", parent: name, max: 131_072)
            try self.validate(self.assumeRolePolicyDocument, name: "assumeRolePolicyDocument", parent: name, min: 1)
            try self.validate(self.assumeRolePolicyDocument, name: "assumeRolePolicyDocument", parent: name, pattern: "[\\u0009\\u000A\\u000D\\u0020-\\u007E\\u00A1-\\u00FF]+")
            try self.attachedManagedPolicies?.forEach {
                try $0.validate(name: "\(name).attachedManagedPolicies[]")
            }
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.instanceProfileList?.forEach {
                try $0.validate(name: "\(name).instanceProfileList[]")
            }
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
            try self.permissionsBoundary?.validate(name: "\(name).permissionsBoundary")
            try self.validate(self.roleId, name: "roleId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.roleName, name: "roleName", parent: name, pattern: ".*\\S.*")
            try self.rolePolicyList?.forEach {
                try $0.validate(name: "\(name).rolePolicyList[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case assumeRolePolicyDocument = "AssumeRolePolicyDocument"
            case attachedManagedPolicies = "AttachedManagedPolicies"
            case createDate = "CreateDate"
            case instanceProfileList = "InstanceProfileList"
            case maxSessionDuration = "MaxSessionDuration"
            case path = "Path"
            case permissionsBoundary = "PermissionsBoundary"
            case roleId = "RoleId"
            case roleName = "RoleName"
            case rolePolicyList = "RolePolicyList"
        }
    }

    public struct AwsIamRolePolicy: AWSEncodableShape & AWSDecodableShape {
        /// The name of the policy.
        public let policyName: String?

        public init(policyName: String? = nil) {
            self.policyName = policyName
        }

        public func validate(name: String) throws {
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case policyName = "PolicyName"
        }
    }

    public struct AwsIamUserDetails: AWSEncodableShape & AWSDecodableShape {
        /// A list of the managed policies that are attached to the user.
        public let attachedManagedPolicies: [AwsIamAttachedManagedPolicy]?
        /// Indicates when the user was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createDate: String?
        /// A list of IAM groups that the user belongs to.
        public let groupList: [String]?
        /// The path to the user.
        public let path: String?
        /// The permissions boundary for the user.
        public let permissionsBoundary: AwsIamPermissionsBoundary?
        /// The unique identifier for the user.
        public let userId: String?
        /// The name of the user.
        public let userName: String?
        /// The list of inline policies that are embedded in the user.
        public let userPolicyList: [AwsIamUserPolicy]?

        public init(attachedManagedPolicies: [AwsIamAttachedManagedPolicy]? = nil, createDate: String? = nil, groupList: [String]? = nil, path: String? = nil, permissionsBoundary: AwsIamPermissionsBoundary? = nil, userId: String? = nil, userName: String? = nil, userPolicyList: [AwsIamUserPolicy]? = nil) {
            self.attachedManagedPolicies = attachedManagedPolicies
            self.createDate = createDate
            self.groupList = groupList
            self.path = path
            self.permissionsBoundary = permissionsBoundary
            self.userId = userId
            self.userName = userName
            self.userPolicyList = userPolicyList
        }

        public func validate(name: String) throws {
            try self.attachedManagedPolicies?.forEach {
                try $0.validate(name: "\(name).attachedManagedPolicies[]")
            }
            try self.validate(self.createDate, name: "createDate", parent: name, pattern: ".*\\S.*")
            try self.groupList?.forEach {
                try validate($0, name: "groupList[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
            try self.permissionsBoundary?.validate(name: "\(name).permissionsBoundary")
            try self.validate(self.userId, name: "userId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.userName, name: "userName", parent: name, pattern: ".*\\S.*")
            try self.userPolicyList?.forEach {
                try $0.validate(name: "\(name).userPolicyList[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case attachedManagedPolicies = "AttachedManagedPolicies"
            case createDate = "CreateDate"
            case groupList = "GroupList"
            case path = "Path"
            case permissionsBoundary = "PermissionsBoundary"
            case userId = "UserId"
            case userName = "UserName"
            case userPolicyList = "UserPolicyList"
        }
    }

    public struct AwsIamUserPolicy: AWSEncodableShape & AWSDecodableShape {
        /// The name of the policy.
        public let policyName: String?

        public init(policyName: String? = nil) {
            self.policyName = policyName
        }

        public func validate(name: String) throws {
            try self.validate(self.policyName, name: "policyName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case policyName = "PolicyName"
        }
    }

    public struct AwsKmsKeyDetails: AWSEncodableShape & AWSDecodableShape {
        /// The twelve-digit account ID of the AWS account that owns the CMK.
        public let aWSAccountId: String?
        /// Indicates when the CMK was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let creationDate: Double?
        /// A description of the key.
        public let description: String?
        /// The globally unique identifier for the CMK.
        public let keyId: String?
        /// The manager of the CMK. CMKs in your AWS account are either customer managed or AWS managed.
        public let keyManager: String?
        /// The state of the CMK.
        public let keyState: String?
        /// The source of the CMK's key material. When this value is AWS_KMS, AWS KMS created the key material. When this value is EXTERNAL, the key material was imported from your existing key management infrastructure or the CMK lacks key material. When this value is AWS_CLOUDHSM, the key material was created in the AWS CloudHSM cluster associated with a custom key store.
        public let origin: String?

        public init(aWSAccountId: String? = nil, creationDate: Double? = nil, description: String? = nil, keyId: String? = nil, keyManager: String? = nil, keyState: String? = nil, origin: String? = nil) {
            self.aWSAccountId = aWSAccountId
            self.creationDate = creationDate
            self.description = description
            self.keyId = keyId
            self.keyManager = keyManager
            self.keyState = keyState
            self.origin = origin
        }

        public func validate(name: String) throws {
            try self.validate(self.aWSAccountId, name: "aWSAccountId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.keyId, name: "keyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.keyManager, name: "keyManager", parent: name, pattern: ".*\\S.*")
            try self.validate(self.keyState, name: "keyState", parent: name, pattern: ".*\\S.*")
            try self.validate(self.origin, name: "origin", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case aWSAccountId = "AWSAccountId"
            case creationDate = "CreationDate"
            case description = "Description"
            case keyId = "KeyId"
            case keyManager = "KeyManager"
            case keyState = "KeyState"
            case origin = "Origin"
        }
    }

    public struct AwsLambdaFunctionCode: AWSEncodableShape & AWSDecodableShape {
        /// An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account.
        public let s3Bucket: String?
        /// The Amazon S3 key of the deployment package.
        public let s3Key: String?
        /// For versioned objects, the version of the deployment package object to use.
        public let s3ObjectVersion: String?
        /// The base64-encoded contents of the deployment package. AWS SDK and AWS CLI clients handle the encoding for you.
        public let zipFile: String?

        public init(s3Bucket: String? = nil, s3Key: String? = nil, s3ObjectVersion: String? = nil, zipFile: String? = nil) {
            self.s3Bucket = s3Bucket
            self.s3Key = s3Key
            self.s3ObjectVersion = s3ObjectVersion
            self.zipFile = zipFile
        }

        public func validate(name: String) throws {
            try self.validate(self.s3Bucket, name: "s3Bucket", parent: name, pattern: ".*\\S.*")
            try self.validate(self.s3Key, name: "s3Key", parent: name, pattern: ".*\\S.*")
            try self.validate(self.s3ObjectVersion, name: "s3ObjectVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.zipFile, name: "zipFile", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case s3Bucket = "S3Bucket"
            case s3Key = "S3Key"
            case s3ObjectVersion = "S3ObjectVersion"
            case zipFile = "ZipFile"
        }
    }

    public struct AwsLambdaFunctionDeadLetterConfig: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
        public let targetArn: String?

        public init(targetArn: String? = nil) {
            self.targetArn = targetArn
        }

        public func validate(name: String) throws {
            try self.validate(self.targetArn, name: "targetArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case targetArn = "TargetArn"
        }
    }

    public struct AwsLambdaFunctionDetails: AWSEncodableShape & AWSDecodableShape {
        /// An AwsLambdaFunctionCode object.
        public let code: AwsLambdaFunctionCode?
        /// The SHA256 hash of the function's deployment package.
        public let codeSha256: String?
        /// The function's dead letter queue.
        public let deadLetterConfig: AwsLambdaFunctionDeadLetterConfig?
        /// The function's environment variables.
        public let environment: AwsLambdaFunctionEnvironment?
        /// The name of the function.
        public let functionName: String?
        /// The function that Lambda calls to begin executing your function.
        public let handler: String?
        /// The KMS key that's used to encrypt the function's environment variables. This key is only returned if you've configured a customer managed CMK.
        public let kmsKeyArn: String?
        /// Indicates when the function was last updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastModified: String?
        /// The function's layers.
        public let layers: [AwsLambdaFunctionLayer]?
        /// For Lambda@Edge functions, the ARN of the master function.
        public let masterArn: String?
        /// The memory that's allocated to the function.
        public let memorySize: Int?
        /// The latest updated revision of the function or alias.
        public let revisionId: String?
        /// The function's execution role.
        public let role: String?
        /// The runtime environment for the Lambda function.
        public let runtime: String?
        /// The amount of time that Lambda allows a function to run before stopping it.
        public let timeout: Int?
        /// The function's AWS X-Ray tracing configuration.
        public let tracingConfig: AwsLambdaFunctionTracingConfig?
        /// The version of the Lambda function.
        public let version: String?
        /// The function's networking configuration.
        public let vpcConfig: AwsLambdaFunctionVpcConfig?

        public init(code: AwsLambdaFunctionCode? = nil, codeSha256: String? = nil, deadLetterConfig: AwsLambdaFunctionDeadLetterConfig? = nil, environment: AwsLambdaFunctionEnvironment? = nil, functionName: String? = nil, handler: String? = nil, kmsKeyArn: String? = nil, lastModified: String? = nil, layers: [AwsLambdaFunctionLayer]? = nil, masterArn: String? = nil, memorySize: Int? = nil, revisionId: String? = nil, role: String? = nil, runtime: String? = nil, timeout: Int? = nil, tracingConfig: AwsLambdaFunctionTracingConfig? = nil, version: String? = nil, vpcConfig: AwsLambdaFunctionVpcConfig? = nil) {
            self.code = code
            self.codeSha256 = codeSha256
            self.deadLetterConfig = deadLetterConfig
            self.environment = environment
            self.functionName = functionName
            self.handler = handler
            self.kmsKeyArn = kmsKeyArn
            self.lastModified = lastModified
            self.layers = layers
            self.masterArn = masterArn
            self.memorySize = memorySize
            self.revisionId = revisionId
            self.role = role
            self.runtime = runtime
            self.timeout = timeout
            self.tracingConfig = tracingConfig
            self.version = version
            self.vpcConfig = vpcConfig
        }

        public func validate(name: String) throws {
            try self.code?.validate(name: "\(name).code")
            try self.validate(self.codeSha256, name: "codeSha256", parent: name, pattern: ".*\\S.*")
            try self.deadLetterConfig?.validate(name: "\(name).deadLetterConfig")
            try self.environment?.validate(name: "\(name).environment")
            try self.validate(self.functionName, name: "functionName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.handler, name: "handler", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyArn, name: "kmsKeyArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastModified, name: "lastModified", parent: name, pattern: ".*\\S.*")
            try self.layers?.forEach {
                try $0.validate(name: "\(name).layers[]")
            }
            try self.validate(self.masterArn, name: "masterArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.revisionId, name: "revisionId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.role, name: "role", parent: name, pattern: ".*\\S.*")
            try self.validate(self.runtime, name: "runtime", parent: name, pattern: ".*\\S.*")
            try self.tracingConfig?.validate(name: "\(name).tracingConfig")
            try self.validate(self.version, name: "version", parent: name, pattern: ".*\\S.*")
            try self.vpcConfig?.validate(name: "\(name).vpcConfig")
        }

        private enum CodingKeys: String, CodingKey {
            case code = "Code"
            case codeSha256 = "CodeSha256"
            case deadLetterConfig = "DeadLetterConfig"
            case environment = "Environment"
            case functionName = "FunctionName"
            case handler = "Handler"
            case kmsKeyArn = "KmsKeyArn"
            case lastModified = "LastModified"
            case layers = "Layers"
            case masterArn = "MasterArn"
            case memorySize = "MemorySize"
            case revisionId = "RevisionId"
            case role = "Role"
            case runtime = "Runtime"
            case timeout = "Timeout"
            case tracingConfig = "TracingConfig"
            case version = "Version"
            case vpcConfig = "VpcConfig"
        }
    }

    public struct AwsLambdaFunctionEnvironment: AWSEncodableShape & AWSDecodableShape {
        /// An AwsLambdaFunctionEnvironmentError object.
        public let error: AwsLambdaFunctionEnvironmentError?
        /// Environment variable key-value pairs.
        public let variables: [String: String]?

        public init(error: AwsLambdaFunctionEnvironmentError? = nil, variables: [String: String]? = nil) {
            self.error = error
            self.variables = variables
        }

        public func validate(name: String) throws {
            try self.error?.validate(name: "\(name).error")
            try self.variables?.forEach {
                try validate($0.key, name: "variables.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "variables[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case error = "Error"
            case variables = "Variables"
        }
    }

    public struct AwsLambdaFunctionEnvironmentError: AWSEncodableShape & AWSDecodableShape {
        /// The error code.
        public let errorCode: String?
        /// The error message.
        public let message: String?

        public init(errorCode: String? = nil, message: String? = nil) {
            self.errorCode = errorCode
            self.message = message
        }

        public func validate(name: String) throws {
            try self.validate(self.errorCode, name: "errorCode", parent: name, pattern: ".*\\S.*")
            try self.validate(self.message, name: "message", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case errorCode = "ErrorCode"
            case message = "Message"
        }
    }

    public struct AwsLambdaFunctionLayer: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the function layer.
        public let arn: String?
        /// The size of the layer archive in bytes.
        public let codeSize: Int?

        public init(arn: String? = nil, codeSize: Int? = nil) {
            self.arn = arn
            self.codeSize = codeSize
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case codeSize = "CodeSize"
        }
    }

    public struct AwsLambdaFunctionTracingConfig: AWSEncodableShape & AWSDecodableShape {
        /// The tracing mode.
        public let mode: String?

        public init(mode: String? = nil) {
            self.mode = mode
        }

        public func validate(name: String) throws {
            try self.validate(self.mode, name: "mode", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case mode = "Mode"
        }
    }

    public struct AwsLambdaFunctionVpcConfig: AWSEncodableShape & AWSDecodableShape {
        /// A list of VPC security groups IDs.
        public let securityGroupIds: [String]?
        /// A list of VPC subnet IDs.
        public let subnetIds: [String]?
        /// The ID of the VPC.
        public let vpcId: String?

        public init(securityGroupIds: [String]? = nil, subnetIds: [String]? = nil, vpcId: String? = nil) {
            self.securityGroupIds = securityGroupIds
            self.subnetIds = subnetIds
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.securityGroupIds?.forEach {
                try validate($0, name: "securityGroupIds[]", parent: name, pattern: ".*\\S.*")
            }
            try self.subnetIds?.forEach {
                try validate($0, name: "subnetIds[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case securityGroupIds = "SecurityGroupIds"
            case subnetIds = "SubnetIds"
            case vpcId = "VpcId"
        }
    }

    public struct AwsLambdaLayerVersionDetails: AWSEncodableShape & AWSDecodableShape {
        /// The layer's compatible runtimes. Maximum number of five items. Valid values: nodejs10.x | nodejs12.x | java8 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | dotnetcore1.0 | dotnetcore2.1 | go1.x | ruby2.5 | provided
        public let compatibleRuntimes: [String]?
        /// Indicates when the version was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdDate: String?
        /// The version number.
        public let version: Int64?

        public init(compatibleRuntimes: [String]? = nil, createdDate: String? = nil, version: Int64? = nil) {
            self.compatibleRuntimes = compatibleRuntimes
            self.createdDate = createdDate
            self.version = version
        }

        public func validate(name: String) throws {
            try self.compatibleRuntimes?.forEach {
                try validate($0, name: "compatibleRuntimes[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.createdDate, name: "createdDate", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case compatibleRuntimes = "CompatibleRuntimes"
            case createdDate = "CreatedDate"
            case version = "Version"
        }
    }

    public struct AwsRdsDbClusterAssociatedRole: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the IAM role.
        public let roleArn: String?
        /// The status of the association between the IAM role and the DB cluster.
        public let status: String?

        public init(roleArn: String? = nil, status: String? = nil) {
            self.roleArn = roleArn
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.roleArn, name: "roleArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case roleArn = "RoleArn"
            case status = "Status"
        }
    }

    public struct AwsRdsDbClusterDetails: AWSEncodableShape & AWSDecodableShape {
        /// The status of the database activity stream.
        public let activityStreamStatus: String?
        /// For all database engines except Aurora, specifies the allocated storage size in gibibytes (GiB).
        public let allocatedStorage: Int?
        /// A list of the IAM roles that are associated with the DB cluster.
        public let associatedRoles: [AwsRdsDbClusterAssociatedRole]?
        /// A list of Availability Zones (AZs) where instances in the DB cluster can be created.
        public let availabilityZones: [String]?
        /// The number of days for which automated backups are retained.
        public let backupRetentionPeriod: Int?
        /// Indicates when the DB cluster was created, in Universal Coordinated Time (UTC). Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let clusterCreateTime: String?
        /// Whether tags are copied from the DB cluster to snapshots of the DB cluster.
        public let copyTagsToSnapshot: Bool?
        /// Whether the DB cluster is a clone of a DB cluster owned by a different AWS account.
        public let crossAccountClone: Bool?
        /// A list of custom endpoints for the DB cluster.
        public let customEndpoints: [String]?
        /// The name of the database.
        public let databaseName: String?
        /// The DB cluster identifier that the user assigned to the cluster. This identifier is the unique key that identifies a DB cluster.
        public let dbClusterIdentifier: String?
        /// The list of instances that make up the DB cluster.
        public let dbClusterMembers: [AwsRdsDbClusterMember]?
        /// The list of option group memberships for this DB cluster.
        public let dbClusterOptionGroupMemberships: [AwsRdsDbClusterOptionGroupMembership]?
        /// The name of the DB cluster parameter group for the DB cluster.
        public let dbClusterParameterGroup: String?
        /// The identifier of the DB cluster. The identifier must be unique within each AWS Region and is immutable.
        public let dbClusterResourceId: String?
        /// The subnet group that is associated with the DB cluster, including the name, description, and subnets in the subnet group.
        public let dbSubnetGroup: String?
        /// Whether the DB cluster has deletion protection enabled.
        public let deletionProtection: Bool?
        /// The Active Directory domain membership records that are associated with the DB cluster.
        public let domainMemberships: [AwsRdsDbDomainMembership]?
        /// A list of log types that this DB cluster is configured to export to CloudWatch Logs.
        public let enabledCloudWatchLogsExports: [String]?
        /// The connection endpoint for the primary instance of the DB cluster.
        public let endpoint: String?
        /// The name of the database engine to use for this DB cluster.
        public let engine: String?
        /// The database engine mode of the DB cluster.
        public let engineMode: String?
        /// The version number of the database engine to use.
        public let engineVersion: String?
        /// Specifies the identifier that Amazon Route 53 assigns when you create a hosted zone.
        public let hostedZoneId: String?
        /// Whether the HTTP endpoint for an Aurora Serverless DB cluster is enabled.
        public let httpEndpointEnabled: Bool?
        /// Whether the mapping of IAM accounts to database accounts is enabled.
        public let iamDatabaseAuthenticationEnabled: Bool?
        /// The ARN of the AWS KMS master key that is used to encrypt the database instances in the DB cluster.
        public let kmsKeyId: String?
        /// The name of the master user for the DB cluster.
        public let masterUsername: String?
        /// Whether the DB cluster has instances in multiple Availability Zones.
        public let multiAz: Bool?
        /// The port number on which the DB instances in the DB cluster accept connections.
        public let port: Int?
        /// The range of time each day when automated backups are created, if automated backups are enabled. Uses the format HH:MM-HH:MM. For example, 04:52-05:22.
        public let preferredBackupWindow: String?
        /// The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). Uses the format &lt;day&gt;:HH:MM-&lt;day&gt;:HH:MM. For the day values, use mon|tue|wed|thu|fri|sat|sun. For example, sun:09:32-sun:10:02.
        public let preferredMaintenanceWindow: String?
        /// The reader endpoint for the DB cluster.
        public let readerEndpoint: String?
        /// The identifiers of the read replicas that are associated with this DB cluster.
        public let readReplicaIdentifiers: [String]?
        /// The current status of this DB cluster.
        public let status: String?
        /// Whether the DB cluster is encrypted.
        public let storageEncrypted: Bool?
        /// A list of VPC security groups that the DB cluster belongs to.
        public let vpcSecurityGroups: [AwsRdsDbInstanceVpcSecurityGroup]?

        public init(activityStreamStatus: String? = nil, allocatedStorage: Int? = nil, associatedRoles: [AwsRdsDbClusterAssociatedRole]? = nil, availabilityZones: [String]? = nil, backupRetentionPeriod: Int? = nil, clusterCreateTime: String? = nil, copyTagsToSnapshot: Bool? = nil, crossAccountClone: Bool? = nil, customEndpoints: [String]? = nil, databaseName: String? = nil, dbClusterIdentifier: String? = nil, dbClusterMembers: [AwsRdsDbClusterMember]? = nil, dbClusterOptionGroupMemberships: [AwsRdsDbClusterOptionGroupMembership]? = nil, dbClusterParameterGroup: String? = nil, dbClusterResourceId: String? = nil, dbSubnetGroup: String? = nil, deletionProtection: Bool? = nil, domainMemberships: [AwsRdsDbDomainMembership]? = nil, enabledCloudWatchLogsExports: [String]? = nil, endpoint: String? = nil, engine: String? = nil, engineMode: String? = nil, engineVersion: String? = nil, hostedZoneId: String? = nil, httpEndpointEnabled: Bool? = nil, iamDatabaseAuthenticationEnabled: Bool? = nil, kmsKeyId: String? = nil, masterUsername: String? = nil, multiAz: Bool? = nil, port: Int? = nil, preferredBackupWindow: String? = nil, preferredMaintenanceWindow: String? = nil, readerEndpoint: String? = nil, readReplicaIdentifiers: [String]? = nil, status: String? = nil, storageEncrypted: Bool? = nil, vpcSecurityGroups: [AwsRdsDbInstanceVpcSecurityGroup]? = nil) {
            self.activityStreamStatus = activityStreamStatus
            self.allocatedStorage = allocatedStorage
            self.associatedRoles = associatedRoles
            self.availabilityZones = availabilityZones
            self.backupRetentionPeriod = backupRetentionPeriod
            self.clusterCreateTime = clusterCreateTime
            self.copyTagsToSnapshot = copyTagsToSnapshot
            self.crossAccountClone = crossAccountClone
            self.customEndpoints = customEndpoints
            self.databaseName = databaseName
            self.dbClusterIdentifier = dbClusterIdentifier
            self.dbClusterMembers = dbClusterMembers
            self.dbClusterOptionGroupMemberships = dbClusterOptionGroupMemberships
            self.dbClusterParameterGroup = dbClusterParameterGroup
            self.dbClusterResourceId = dbClusterResourceId
            self.dbSubnetGroup = dbSubnetGroup
            self.deletionProtection = deletionProtection
            self.domainMemberships = domainMemberships
            self.enabledCloudWatchLogsExports = enabledCloudWatchLogsExports
            self.endpoint = endpoint
            self.engine = engine
            self.engineMode = engineMode
            self.engineVersion = engineVersion
            self.hostedZoneId = hostedZoneId
            self.httpEndpointEnabled = httpEndpointEnabled
            self.iamDatabaseAuthenticationEnabled = iamDatabaseAuthenticationEnabled
            self.kmsKeyId = kmsKeyId
            self.masterUsername = masterUsername
            self.multiAz = multiAz
            self.port = port
            self.preferredBackupWindow = preferredBackupWindow
            self.preferredMaintenanceWindow = preferredMaintenanceWindow
            self.readerEndpoint = readerEndpoint
            self.readReplicaIdentifiers = readReplicaIdentifiers
            self.status = status
            self.storageEncrypted = storageEncrypted
            self.vpcSecurityGroups = vpcSecurityGroups
        }

        public func validate(name: String) throws {
            try self.validate(self.activityStreamStatus, name: "activityStreamStatus", parent: name, pattern: ".*\\S.*")
            try self.associatedRoles?.forEach {
                try $0.validate(name: "\(name).associatedRoles[]")
            }
            try self.availabilityZones?.forEach {
                try validate($0, name: "availabilityZones[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.clusterCreateTime, name: "clusterCreateTime", parent: name, pattern: ".*\\S.*")
            try self.customEndpoints?.forEach {
                try validate($0, name: "customEndpoints[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.databaseName, name: "databaseName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbClusterIdentifier, name: "dbClusterIdentifier", parent: name, pattern: ".*\\S.*")
            try self.dbClusterMembers?.forEach {
                try $0.validate(name: "\(name).dbClusterMembers[]")
            }
            try self.dbClusterOptionGroupMemberships?.forEach {
                try $0.validate(name: "\(name).dbClusterOptionGroupMemberships[]")
            }
            try self.validate(self.dbClusterParameterGroup, name: "dbClusterParameterGroup", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbClusterResourceId, name: "dbClusterResourceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbSubnetGroup, name: "dbSubnetGroup", parent: name, pattern: ".*\\S.*")
            try self.domainMemberships?.forEach {
                try $0.validate(name: "\(name).domainMemberships[]")
            }
            try self.enabledCloudWatchLogsExports?.forEach {
                try validate($0, name: "enabledCloudWatchLogsExports[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.endpoint, name: "endpoint", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engine, name: "engine", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engineMode, name: "engineMode", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engineVersion, name: "engineVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.hostedZoneId, name: "hostedZoneId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterUsername, name: "masterUsername", parent: name, pattern: ".*\\S.*")
            try self.validate(self.preferredBackupWindow, name: "preferredBackupWindow", parent: name, pattern: ".*\\S.*")
            try self.validate(self.preferredMaintenanceWindow, name: "preferredMaintenanceWindow", parent: name, pattern: ".*\\S.*")
            try self.validate(self.readerEndpoint, name: "readerEndpoint", parent: name, pattern: ".*\\S.*")
            try self.readReplicaIdentifiers?.forEach {
                try validate($0, name: "readReplicaIdentifiers[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.vpcSecurityGroups?.forEach {
                try $0.validate(name: "\(name).vpcSecurityGroups[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case activityStreamStatus = "ActivityStreamStatus"
            case allocatedStorage = "AllocatedStorage"
            case associatedRoles = "AssociatedRoles"
            case availabilityZones = "AvailabilityZones"
            case backupRetentionPeriod = "BackupRetentionPeriod"
            case clusterCreateTime = "ClusterCreateTime"
            case copyTagsToSnapshot = "CopyTagsToSnapshot"
            case crossAccountClone = "CrossAccountClone"
            case customEndpoints = "CustomEndpoints"
            case databaseName = "DatabaseName"
            case dbClusterIdentifier = "DbClusterIdentifier"
            case dbClusterMembers = "DbClusterMembers"
            case dbClusterOptionGroupMemberships = "DbClusterOptionGroupMemberships"
            case dbClusterParameterGroup = "DbClusterParameterGroup"
            case dbClusterResourceId = "DbClusterResourceId"
            case dbSubnetGroup = "DbSubnetGroup"
            case deletionProtection = "DeletionProtection"
            case domainMemberships = "DomainMemberships"
            case enabledCloudWatchLogsExports = "EnabledCloudWatchLogsExports"
            case endpoint = "Endpoint"
            case engine = "Engine"
            case engineMode = "EngineMode"
            case engineVersion = "EngineVersion"
            case hostedZoneId = "HostedZoneId"
            case httpEndpointEnabled = "HttpEndpointEnabled"
            case iamDatabaseAuthenticationEnabled = "IamDatabaseAuthenticationEnabled"
            case kmsKeyId = "KmsKeyId"
            case masterUsername = "MasterUsername"
            case multiAz = "MultiAz"
            case port = "Port"
            case preferredBackupWindow = "PreferredBackupWindow"
            case preferredMaintenanceWindow = "PreferredMaintenanceWindow"
            case readerEndpoint = "ReaderEndpoint"
            case readReplicaIdentifiers = "ReadReplicaIdentifiers"
            case status = "Status"
            case storageEncrypted = "StorageEncrypted"
            case vpcSecurityGroups = "VpcSecurityGroups"
        }
    }

    public struct AwsRdsDbClusterMember: AWSEncodableShape & AWSDecodableShape {
        /// The status of the DB cluster parameter group for this member of the DB cluster.
        public let dbClusterParameterGroupStatus: String?
        /// The instance identifier for this member of the DB cluster.
        public let dbInstanceIdentifier: String?
        /// Whether the cluster member is the primary instance for the DB cluster.
        public let isClusterWriter: Bool?
        /// Specifies the order in which an Aurora replica is promoted to the primary instance when the existing primary instance fails.
        public let promotionTier: Int?

        public init(dbClusterParameterGroupStatus: String? = nil, dbInstanceIdentifier: String? = nil, isClusterWriter: Bool? = nil, promotionTier: Int? = nil) {
            self.dbClusterParameterGroupStatus = dbClusterParameterGroupStatus
            self.dbInstanceIdentifier = dbInstanceIdentifier
            self.isClusterWriter = isClusterWriter
            self.promotionTier = promotionTier
        }

        public func validate(name: String) throws {
            try self.validate(self.dbClusterParameterGroupStatus, name: "dbClusterParameterGroupStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbInstanceIdentifier, name: "dbInstanceIdentifier", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case dbClusterParameterGroupStatus = "DbClusterParameterGroupStatus"
            case dbInstanceIdentifier = "DbInstanceIdentifier"
            case isClusterWriter = "IsClusterWriter"
            case promotionTier = "PromotionTier"
        }
    }

    public struct AwsRdsDbClusterOptionGroupMembership: AWSEncodableShape & AWSDecodableShape {
        /// The name of the DB cluster option group.
        public let dbClusterOptionGroupName: String?
        /// The status of the DB cluster option group.
        public let status: String?

        public init(dbClusterOptionGroupName: String? = nil, status: String? = nil) {
            self.dbClusterOptionGroupName = dbClusterOptionGroupName
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.dbClusterOptionGroupName, name: "dbClusterOptionGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case dbClusterOptionGroupName = "DbClusterOptionGroupName"
            case status = "Status"
        }
    }

    public struct AwsRdsDbClusterSnapshotDetails: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the allocated storage size in gibibytes (GiB).
        public let allocatedStorage: Int?
        /// A list of Availability Zones where instances in the DB cluster can be created.
        public let availabilityZones: [String]?
        /// Indicates when the DB cluster was created, in Universal Coordinated Time (UTC). Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let clusterCreateTime: String?
        /// The DB cluster identifier.
        public let dbClusterIdentifier: String?
        /// The identifier of the DB cluster snapshot.
        public let dbClusterSnapshotIdentifier: String?
        /// The name of the database engine that you want to use for this DB instance.
        public let engine: String?
        /// The version of the database engine to use.
        public let engineVersion: String?
        /// Whether mapping of IAM accounts to database accounts is enabled.
        public let iamDatabaseAuthenticationEnabled: Bool?
        /// The ARN of the AWS KMS master key that is used to encrypt the database instances in the DB cluster.
        public let kmsKeyId: String?
        /// The license model information for this DB cluster snapshot.
        public let licenseModel: String?
        /// The name of the master user for the DB cluster.
        public let masterUsername: String?
        /// Specifies the percentage of the estimated data that has been transferred.
        public let percentProgress: Int?
        /// The port number on which the DB instances in the DB cluster accept connections.
        public let port: Int?
        /// Indicates when the snapshot was taken. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let snapshotCreateTime: String?
        /// The type of DB cluster snapshot.
        public let snapshotType: String?
        /// The status of this DB cluster snapshot.
        public let status: String?
        /// Whether the DB cluster is encrypted.
        public let storageEncrypted: Bool?
        /// The VPC ID that is associated with the DB cluster snapshot.
        public let vpcId: String?

        public init(allocatedStorage: Int? = nil, availabilityZones: [String]? = nil, clusterCreateTime: String? = nil, dbClusterIdentifier: String? = nil, dbClusterSnapshotIdentifier: String? = nil, engine: String? = nil, engineVersion: String? = nil, iamDatabaseAuthenticationEnabled: Bool? = nil, kmsKeyId: String? = nil, licenseModel: String? = nil, masterUsername: String? = nil, percentProgress: Int? = nil, port: Int? = nil, snapshotCreateTime: String? = nil, snapshotType: String? = nil, status: String? = nil, storageEncrypted: Bool? = nil, vpcId: String? = nil) {
            self.allocatedStorage = allocatedStorage
            self.availabilityZones = availabilityZones
            self.clusterCreateTime = clusterCreateTime
            self.dbClusterIdentifier = dbClusterIdentifier
            self.dbClusterSnapshotIdentifier = dbClusterSnapshotIdentifier
            self.engine = engine
            self.engineVersion = engineVersion
            self.iamDatabaseAuthenticationEnabled = iamDatabaseAuthenticationEnabled
            self.kmsKeyId = kmsKeyId
            self.licenseModel = licenseModel
            self.masterUsername = masterUsername
            self.percentProgress = percentProgress
            self.port = port
            self.snapshotCreateTime = snapshotCreateTime
            self.snapshotType = snapshotType
            self.status = status
            self.storageEncrypted = storageEncrypted
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.availabilityZones?.forEach {
                try validate($0, name: "availabilityZones[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.clusterCreateTime, name: "clusterCreateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbClusterIdentifier, name: "dbClusterIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbClusterSnapshotIdentifier, name: "dbClusterSnapshotIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engine, name: "engine", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engineVersion, name: "engineVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.licenseModel, name: "licenseModel", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterUsername, name: "masterUsername", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snapshotCreateTime, name: "snapshotCreateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snapshotType, name: "snapshotType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case allocatedStorage = "AllocatedStorage"
            case availabilityZones = "AvailabilityZones"
            case clusterCreateTime = "ClusterCreateTime"
            case dbClusterIdentifier = "DbClusterIdentifier"
            case dbClusterSnapshotIdentifier = "DbClusterSnapshotIdentifier"
            case engine = "Engine"
            case engineVersion = "EngineVersion"
            case iamDatabaseAuthenticationEnabled = "IamDatabaseAuthenticationEnabled"
            case kmsKeyId = "KmsKeyId"
            case licenseModel = "LicenseModel"
            case masterUsername = "MasterUsername"
            case percentProgress = "PercentProgress"
            case port = "Port"
            case snapshotCreateTime = "SnapshotCreateTime"
            case snapshotType = "SnapshotType"
            case status = "Status"
            case storageEncrypted = "StorageEncrypted"
            case vpcId = "VpcId"
        }
    }

    public struct AwsRdsDbDomainMembership: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the Active Directory domain.
        public let domain: String?
        /// The fully qualified domain name of the Active Directory domain.
        public let fqdn: String?
        /// The name of the IAM role to use when making API calls to the Directory Service.
        public let iamRoleName: String?
        /// The status of the Active Directory Domain membership for the DB instance.
        public let status: String?

        public init(domain: String? = nil, fqdn: String? = nil, iamRoleName: String? = nil, status: String? = nil) {
            self.domain = domain
            self.fqdn = fqdn
            self.iamRoleName = iamRoleName
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.domain, name: "domain", parent: name, pattern: ".*\\S.*")
            try self.validate(self.fqdn, name: "fqdn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.iamRoleName, name: "iamRoleName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case domain = "Domain"
            case fqdn = "Fqdn"
            case iamRoleName = "IamRoleName"
            case status = "Status"
        }
    }

    public struct AwsRdsDbInstanceAssociatedRole: AWSEncodableShape & AWSDecodableShape {
        /// The name of the feature associated with the IAM)role.
        public let featureName: String?
        /// The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.
        public let roleArn: String?
        /// Describes the state of the association between the IAM role and the DB instance. The Status property returns one of the following values:    ACTIVE - The IAM role ARN is associated with the DB instance and can be used to access other AWS services on your behalf.    PENDING - The IAM role ARN is being associated with the DB instance.    INVALID - The IAM role ARN is associated with the DB instance. But the DB instance is unable to assume the IAM role in order to access other AWS services on your behalf.
        public let status: String?

        public init(featureName: String? = nil, roleArn: String? = nil, status: String? = nil) {
            self.featureName = featureName
            self.roleArn = roleArn
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.featureName, name: "featureName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.roleArn, name: "roleArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case featureName = "FeatureName"
            case roleArn = "RoleArn"
            case status = "Status"
        }
    }

    public struct AwsRdsDbInstanceDetails: AWSEncodableShape & AWSDecodableShape {
        /// The amount of storage (in gigabytes) to initially allocate for the DB instance.
        public let allocatedStorage: Int?
        /// The AWS Identity and Access Management (IAM) roles associated with the DB instance.
        public let associatedRoles: [AwsRdsDbInstanceAssociatedRole]?
        /// Indicates whether minor version patches are applied automatically.
        public let autoMinorVersionUpgrade: Bool?
        /// The Availability Zone where the DB instance will be created.
        public let availabilityZone: String?
        /// The number of days for which to retain automated backups.
        public let backupRetentionPeriod: Int?
        /// The identifier of the CA certificate for this DB instance.
        public let cACertificateIdentifier: String?
        /// The name of the character set that this DB instance is associated with.
        public let characterSetName: String?
        /// Whether to copy resource tags to snapshots of the DB instance.
        public let copyTagsToSnapshot: Bool?
        /// If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.
        public let dBClusterIdentifier: String?
        /// Contains the name of the compute and memory capacity class of the DB instance.
        public let dBInstanceClass: String?
        /// Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.
        public let dBInstanceIdentifier: String?
        /// Specifies the port that the DB instance listens on. If the DB instance is part of a DB cluster, this can be a different port than the DB cluster port.
        public let dbInstancePort: Int?
        /// The current status of the DB instance.
        public let dbInstanceStatus: String?
        /// The AWS Region-unique, immutable identifier for the DB instance. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB instance is accessed.
        public let dbiResourceId: String?
        /// The meaning of this parameter differs according to the database engine you use.  MySQL, MariaDB, SQL Server, PostgreSQL  Contains the name of the initial database of this instance that was provided at create time, if one was specified when the DB instance was created. This same name is returned for the life of the DB instance.  Oracle  Contains the Oracle System ID (SID) of the created DB instance. Not shown when the returned parameters do not apply to an Oracle DB instance.
        public let dBName: String?
        /// A list of the DB parameter groups to assign to the DB instance.
        public let dbParameterGroups: [AwsRdsDbParameterGroup]?
        /// A list of the DB security groups to assign to the DB instance.
        public let dbSecurityGroups: [String]?
        /// Information about the subnet group that is associated with the DB instance.
        public let dbSubnetGroup: AwsRdsDbSubnetGroup?
        /// Indicates whether the DB instance has deletion protection enabled. When deletion protection is enabled, the database cannot be deleted.
        public let deletionProtection: Bool?
        /// The Active Directory domain membership records associated with the DB instance.
        public let domainMemberships: [AwsRdsDbDomainMembership]?
        /// A list of log types that this DB instance is configured to export to CloudWatch Logs.
        public let enabledCloudWatchLogsExports: [String]?
        /// Specifies the connection endpoint.
        public let endpoint: AwsRdsDbInstanceEndpoint?
        /// Provides the name of the database engine to use for this DB instance.
        public let engine: String?
        /// Indicates the database engine version.
        public let engineVersion: String?
        /// The ARN of the CloudWatch Logs log stream that receives the enhanced monitoring metrics data for the DB instance.
        public let enhancedMonitoringResourceArn: String?
        /// True if mapping of AWS Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false. IAM database authentication can be enabled for the following database engines.   For MySQL 5.6, minor version 5.6.34 or higher   For MySQL 5.7, minor version 5.7.16 or higher   Aurora 5.6 or higher
        public let iAMDatabaseAuthenticationEnabled: Bool?
        /// Indicates when the DB instance was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let instanceCreateTime: String?
        /// Specifies the provisioned IOPS (I/O operations per second) for this DB instance.
        public let iops: Int?
        /// If StorageEncrypted is true, the AWS KMS key identifier for the encrypted DB instance.
        public let kmsKeyId: String?
        /// Specifies the latest time to which a database can be restored with point-in-time restore. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let latestRestorableTime: String?
        /// License model information for this DB instance.
        public let licenseModel: String?
        public let listenerEndpoint: AwsRdsDbInstanceEndpoint?
        /// The master user name of the DB instance.
        public let masterUsername: String?
        /// The upper limit to which Amazon RDS can automatically scale the storage of the DB instance.
        public let maxAllocatedStorage: Int?
        /// The interval, in seconds, between points when enhanced monitoring metrics are collected for the DB instance.
        public let monitoringInterval: Int?
        /// The ARN for the IAM role that permits Amazon RDS to send enhanced monitoring metrics to CloudWatch Logs.
        public let monitoringRoleArn: String?
        /// Whether the DB instance is a multiple Availability Zone deployment.
        public let multiAz: Bool?
        /// The list of option group memberships for this DB instance.
        public let optionGroupMemberships: [AwsRdsDbOptionGroupMembership]?
        /// Changes to the DB instance that are currently pending.
        public let pendingModifiedValues: AwsRdsDbPendingModifiedValues?
        /// Indicates whether Performance Insights is enabled for the DB instance.
        public let performanceInsightsEnabled: Bool?
        /// The identifier of the AWS KMS key used to encrypt the Performance Insights data.
        public let performanceInsightsKmsKeyId: String?
        /// The number of days to retain Performance Insights data.
        public let performanceInsightsRetentionPeriod: Int?
        /// The range of time each day when automated backups are created, if automated backups are enabled. Uses the format HH:MM-HH:MM. For example, 04:52-05:22.
        public let preferredBackupWindow: String?
        /// The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). Uses the format &lt;day&gt;:HH:MM-&lt;day&gt;:HH:MM. For the day values, use mon|tue|wed|thu|fri|sat|sun. For example, sun:09:32-sun:10:02.
        public let preferredMaintenanceWindow: String?
        /// The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.
        public let processorFeatures: [AwsRdsDbProcessorFeature]?
        /// The order in which to promote an Aurora replica to the primary instance after a failure of the existing primary instance.
        public let promotionTier: Int?
        /// Specifies the accessibility options for the DB instance. A value of true specifies an Internet-facing instance with a publicly resolvable DNS name, which resolves to a public IP address. A value of false specifies an internal instance with a DNS name that resolves to a private IP address.
        public let publiclyAccessible: Bool?
        /// List of identifiers of Aurora DB clusters to which the RDS DB instance is replicated as a read replica.
        public let readReplicaDBClusterIdentifiers: [String]?
        /// List of identifiers of the read replicas associated with this DB instance.
        public let readReplicaDBInstanceIdentifiers: [String]?
        /// If this DB instance is a read replica, contains the identifier of the source DB instance.
        public let readReplicaSourceDBInstanceIdentifier: String?
        /// For a DB instance with multi-Availability Zone support, the name of the secondary Availability Zone.
        public let secondaryAvailabilityZone: String?
        /// The status of a read replica. If the instance isn't a read replica, this is empty.
        public let statusInfos: [AwsRdsDbStatusInfo]?
        /// Specifies whether the DB instance is encrypted.
        public let storageEncrypted: Bool?
        /// The storage type for the DB instance.
        public let storageType: String?
        /// The ARN from the key store with which the instance is associated for TDE encryption.
        public let tdeCredentialArn: String?
        /// The time zone of the DB instance.
        public let timezone: String?
        /// A list of VPC security groups that the DB instance belongs to.
        public let vpcSecurityGroups: [AwsRdsDbInstanceVpcSecurityGroup]?

        public init(allocatedStorage: Int? = nil, associatedRoles: [AwsRdsDbInstanceAssociatedRole]? = nil, autoMinorVersionUpgrade: Bool? = nil, availabilityZone: String? = nil, backupRetentionPeriod: Int? = nil, cACertificateIdentifier: String? = nil, characterSetName: String? = nil, copyTagsToSnapshot: Bool? = nil, dBClusterIdentifier: String? = nil, dBInstanceClass: String? = nil, dBInstanceIdentifier: String? = nil, dbInstancePort: Int? = nil, dbInstanceStatus: String? = nil, dbiResourceId: String? = nil, dBName: String? = nil, dbParameterGroups: [AwsRdsDbParameterGroup]? = nil, dbSecurityGroups: [String]? = nil, dbSubnetGroup: AwsRdsDbSubnetGroup? = nil, deletionProtection: Bool? = nil, domainMemberships: [AwsRdsDbDomainMembership]? = nil, enabledCloudWatchLogsExports: [String]? = nil, endpoint: AwsRdsDbInstanceEndpoint? = nil, engine: String? = nil, engineVersion: String? = nil, enhancedMonitoringResourceArn: String? = nil, iAMDatabaseAuthenticationEnabled: Bool? = nil, instanceCreateTime: String? = nil, iops: Int? = nil, kmsKeyId: String? = nil, latestRestorableTime: String? = nil, licenseModel: String? = nil, listenerEndpoint: AwsRdsDbInstanceEndpoint? = nil, masterUsername: String? = nil, maxAllocatedStorage: Int? = nil, monitoringInterval: Int? = nil, monitoringRoleArn: String? = nil, multiAz: Bool? = nil, optionGroupMemberships: [AwsRdsDbOptionGroupMembership]? = nil, pendingModifiedValues: AwsRdsDbPendingModifiedValues? = nil, performanceInsightsEnabled: Bool? = nil, performanceInsightsKmsKeyId: String? = nil, performanceInsightsRetentionPeriod: Int? = nil, preferredBackupWindow: String? = nil, preferredMaintenanceWindow: String? = nil, processorFeatures: [AwsRdsDbProcessorFeature]? = nil, promotionTier: Int? = nil, publiclyAccessible: Bool? = nil, readReplicaDBClusterIdentifiers: [String]? = nil, readReplicaDBInstanceIdentifiers: [String]? = nil, readReplicaSourceDBInstanceIdentifier: String? = nil, secondaryAvailabilityZone: String? = nil, statusInfos: [AwsRdsDbStatusInfo]? = nil, storageEncrypted: Bool? = nil, storageType: String? = nil, tdeCredentialArn: String? = nil, timezone: String? = nil, vpcSecurityGroups: [AwsRdsDbInstanceVpcSecurityGroup]? = nil) {
            self.allocatedStorage = allocatedStorage
            self.associatedRoles = associatedRoles
            self.autoMinorVersionUpgrade = autoMinorVersionUpgrade
            self.availabilityZone = availabilityZone
            self.backupRetentionPeriod = backupRetentionPeriod
            self.cACertificateIdentifier = cACertificateIdentifier
            self.characterSetName = characterSetName
            self.copyTagsToSnapshot = copyTagsToSnapshot
            self.dBClusterIdentifier = dBClusterIdentifier
            self.dBInstanceClass = dBInstanceClass
            self.dBInstanceIdentifier = dBInstanceIdentifier
            self.dbInstancePort = dbInstancePort
            self.dbInstanceStatus = dbInstanceStatus
            self.dbiResourceId = dbiResourceId
            self.dBName = dBName
            self.dbParameterGroups = dbParameterGroups
            self.dbSecurityGroups = dbSecurityGroups
            self.dbSubnetGroup = dbSubnetGroup
            self.deletionProtection = deletionProtection
            self.domainMemberships = domainMemberships
            self.enabledCloudWatchLogsExports = enabledCloudWatchLogsExports
            self.endpoint = endpoint
            self.engine = engine
            self.engineVersion = engineVersion
            self.enhancedMonitoringResourceArn = enhancedMonitoringResourceArn
            self.iAMDatabaseAuthenticationEnabled = iAMDatabaseAuthenticationEnabled
            self.instanceCreateTime = instanceCreateTime
            self.iops = iops
            self.kmsKeyId = kmsKeyId
            self.latestRestorableTime = latestRestorableTime
            self.licenseModel = licenseModel
            self.listenerEndpoint = listenerEndpoint
            self.masterUsername = masterUsername
            self.maxAllocatedStorage = maxAllocatedStorage
            self.monitoringInterval = monitoringInterval
            self.monitoringRoleArn = monitoringRoleArn
            self.multiAz = multiAz
            self.optionGroupMemberships = optionGroupMemberships
            self.pendingModifiedValues = pendingModifiedValues
            self.performanceInsightsEnabled = performanceInsightsEnabled
            self.performanceInsightsKmsKeyId = performanceInsightsKmsKeyId
            self.performanceInsightsRetentionPeriod = performanceInsightsRetentionPeriod
            self.preferredBackupWindow = preferredBackupWindow
            self.preferredMaintenanceWindow = preferredMaintenanceWindow
            self.processorFeatures = processorFeatures
            self.promotionTier = promotionTier
            self.publiclyAccessible = publiclyAccessible
            self.readReplicaDBClusterIdentifiers = readReplicaDBClusterIdentifiers
            self.readReplicaDBInstanceIdentifiers = readReplicaDBInstanceIdentifiers
            self.readReplicaSourceDBInstanceIdentifier = readReplicaSourceDBInstanceIdentifier
            self.secondaryAvailabilityZone = secondaryAvailabilityZone
            self.statusInfos = statusInfos
            self.storageEncrypted = storageEncrypted
            self.storageType = storageType
            self.tdeCredentialArn = tdeCredentialArn
            self.timezone = timezone
            self.vpcSecurityGroups = vpcSecurityGroups
        }

        public func validate(name: String) throws {
            try self.associatedRoles?.forEach {
                try $0.validate(name: "\(name).associatedRoles[]")
            }
            try self.validate(self.availabilityZone, name: "availabilityZone", parent: name, pattern: ".*\\S.*")
            try self.validate(self.cACertificateIdentifier, name: "cACertificateIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.characterSetName, name: "characterSetName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dBClusterIdentifier, name: "dBClusterIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dBInstanceClass, name: "dBInstanceClass", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dBInstanceIdentifier, name: "dBInstanceIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbInstanceStatus, name: "dbInstanceStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbiResourceId, name: "dbiResourceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dBName, name: "dBName", parent: name, pattern: ".*\\S.*")
            try self.dbParameterGroups?.forEach {
                try $0.validate(name: "\(name).dbParameterGroups[]")
            }
            try self.dbSecurityGroups?.forEach {
                try validate($0, name: "dbSecurityGroups[]", parent: name, pattern: ".*\\S.*")
            }
            try self.dbSubnetGroup?.validate(name: "\(name).dbSubnetGroup")
            try self.domainMemberships?.forEach {
                try $0.validate(name: "\(name).domainMemberships[]")
            }
            try self.enabledCloudWatchLogsExports?.forEach {
                try validate($0, name: "enabledCloudWatchLogsExports[]", parent: name, pattern: ".*\\S.*")
            }
            try self.endpoint?.validate(name: "\(name).endpoint")
            try self.validate(self.engine, name: "engine", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engineVersion, name: "engineVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.enhancedMonitoringResourceArn, name: "enhancedMonitoringResourceArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceCreateTime, name: "instanceCreateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.latestRestorableTime, name: "latestRestorableTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.licenseModel, name: "licenseModel", parent: name, pattern: ".*\\S.*")
            try self.listenerEndpoint?.validate(name: "\(name).listenerEndpoint")
            try self.validate(self.masterUsername, name: "masterUsername", parent: name, pattern: ".*\\S.*")
            try self.validate(self.monitoringRoleArn, name: "monitoringRoleArn", parent: name, pattern: ".*\\S.*")
            try self.optionGroupMemberships?.forEach {
                try $0.validate(name: "\(name).optionGroupMemberships[]")
            }
            try self.pendingModifiedValues?.validate(name: "\(name).pendingModifiedValues")
            try self.validate(self.performanceInsightsKmsKeyId, name: "performanceInsightsKmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.preferredBackupWindow, name: "preferredBackupWindow", parent: name, pattern: ".*\\S.*")
            try self.validate(self.preferredMaintenanceWindow, name: "preferredMaintenanceWindow", parent: name, pattern: ".*\\S.*")
            try self.processorFeatures?.forEach {
                try $0.validate(name: "\(name).processorFeatures[]")
            }
            try self.readReplicaDBClusterIdentifiers?.forEach {
                try validate($0, name: "readReplicaDBClusterIdentifiers[]", parent: name, pattern: ".*\\S.*")
            }
            try self.readReplicaDBInstanceIdentifiers?.forEach {
                try validate($0, name: "readReplicaDBInstanceIdentifiers[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.readReplicaSourceDBInstanceIdentifier, name: "readReplicaSourceDBInstanceIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.secondaryAvailabilityZone, name: "secondaryAvailabilityZone", parent: name, pattern: ".*\\S.*")
            try self.statusInfos?.forEach {
                try $0.validate(name: "\(name).statusInfos[]")
            }
            try self.validate(self.storageType, name: "storageType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.tdeCredentialArn, name: "tdeCredentialArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.timezone, name: "timezone", parent: name, pattern: ".*\\S.*")
            try self.vpcSecurityGroups?.forEach {
                try $0.validate(name: "\(name).vpcSecurityGroups[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case allocatedStorage = "AllocatedStorage"
            case associatedRoles = "AssociatedRoles"
            case autoMinorVersionUpgrade = "AutoMinorVersionUpgrade"
            case availabilityZone = "AvailabilityZone"
            case backupRetentionPeriod = "BackupRetentionPeriod"
            case cACertificateIdentifier = "CACertificateIdentifier"
            case characterSetName = "CharacterSetName"
            case copyTagsToSnapshot = "CopyTagsToSnapshot"
            case dBClusterIdentifier = "DBClusterIdentifier"
            case dBInstanceClass = "DBInstanceClass"
            case dBInstanceIdentifier = "DBInstanceIdentifier"
            case dbInstancePort = "DbInstancePort"
            case dbInstanceStatus = "DbInstanceStatus"
            case dbiResourceId = "DbiResourceId"
            case dBName = "DBName"
            case dbParameterGroups = "DbParameterGroups"
            case dbSecurityGroups = "DbSecurityGroups"
            case dbSubnetGroup = "DbSubnetGroup"
            case deletionProtection = "DeletionProtection"
            case domainMemberships = "DomainMemberships"
            case enabledCloudWatchLogsExports = "EnabledCloudWatchLogsExports"
            case endpoint = "Endpoint"
            case engine = "Engine"
            case engineVersion = "EngineVersion"
            case enhancedMonitoringResourceArn = "EnhancedMonitoringResourceArn"
            case iAMDatabaseAuthenticationEnabled = "IAMDatabaseAuthenticationEnabled"
            case instanceCreateTime = "InstanceCreateTime"
            case iops = "Iops"
            case kmsKeyId = "KmsKeyId"
            case latestRestorableTime = "LatestRestorableTime"
            case licenseModel = "LicenseModel"
            case listenerEndpoint = "ListenerEndpoint"
            case masterUsername = "MasterUsername"
            case maxAllocatedStorage = "MaxAllocatedStorage"
            case monitoringInterval = "MonitoringInterval"
            case monitoringRoleArn = "MonitoringRoleArn"
            case multiAz = "MultiAz"
            case optionGroupMemberships = "OptionGroupMemberships"
            case pendingModifiedValues = "PendingModifiedValues"
            case performanceInsightsEnabled = "PerformanceInsightsEnabled"
            case performanceInsightsKmsKeyId = "PerformanceInsightsKmsKeyId"
            case performanceInsightsRetentionPeriod = "PerformanceInsightsRetentionPeriod"
            case preferredBackupWindow = "PreferredBackupWindow"
            case preferredMaintenanceWindow = "PreferredMaintenanceWindow"
            case processorFeatures = "ProcessorFeatures"
            case promotionTier = "PromotionTier"
            case publiclyAccessible = "PubliclyAccessible"
            case readReplicaDBClusterIdentifiers = "ReadReplicaDBClusterIdentifiers"
            case readReplicaDBInstanceIdentifiers = "ReadReplicaDBInstanceIdentifiers"
            case readReplicaSourceDBInstanceIdentifier = "ReadReplicaSourceDBInstanceIdentifier"
            case secondaryAvailabilityZone = "SecondaryAvailabilityZone"
            case statusInfos = "StatusInfos"
            case storageEncrypted = "StorageEncrypted"
            case storageType = "StorageType"
            case tdeCredentialArn = "TdeCredentialArn"
            case timezone = "Timezone"
            case vpcSecurityGroups = "VpcSecurityGroups"
        }
    }

    public struct AwsRdsDbInstanceEndpoint: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the DNS address of the DB instance.
        public let address: String?
        /// Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.
        public let hostedZoneId: String?
        /// Specifies the port that the database engine is listening on.
        public let port: Int?

        public init(address: String? = nil, hostedZoneId: String? = nil, port: Int? = nil) {
            self.address = address
            self.hostedZoneId = hostedZoneId
            self.port = port
        }

        public func validate(name: String) throws {
            try self.validate(self.address, name: "address", parent: name, pattern: ".*\\S.*")
            try self.validate(self.hostedZoneId, name: "hostedZoneId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case address = "Address"
            case hostedZoneId = "HostedZoneId"
            case port = "Port"
        }
    }

    public struct AwsRdsDbInstanceVpcSecurityGroup: AWSEncodableShape & AWSDecodableShape {
        /// The status of the VPC security group.
        public let status: String?
        /// The name of the VPC security group.
        public let vpcSecurityGroupId: String?

        public init(status: String? = nil, vpcSecurityGroupId: String? = nil) {
            self.status = status
            self.vpcSecurityGroupId = vpcSecurityGroupId
        }

        public func validate(name: String) throws {
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcSecurityGroupId, name: "vpcSecurityGroupId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
            case vpcSecurityGroupId = "VpcSecurityGroupId"
        }
    }

    public struct AwsRdsDbOptionGroupMembership: AWSEncodableShape & AWSDecodableShape {
        /// The name of the option group.
        public let optionGroupName: String?
        /// The status of the option group membership.
        public let status: String?

        public init(optionGroupName: String? = nil, status: String? = nil) {
            self.optionGroupName = optionGroupName
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.optionGroupName, name: "optionGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case optionGroupName = "OptionGroupName"
            case status = "Status"
        }
    }

    public struct AwsRdsDbParameterGroup: AWSEncodableShape & AWSDecodableShape {
        /// The name of the parameter group.
        public let dbParameterGroupName: String?
        /// The status of parameter updates.
        public let parameterApplyStatus: String?

        public init(dbParameterGroupName: String? = nil, parameterApplyStatus: String? = nil) {
            self.dbParameterGroupName = dbParameterGroupName
            self.parameterApplyStatus = parameterApplyStatus
        }

        public func validate(name: String) throws {
            try self.validate(self.dbParameterGroupName, name: "dbParameterGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.parameterApplyStatus, name: "parameterApplyStatus", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case dbParameterGroupName = "DbParameterGroupName"
            case parameterApplyStatus = "ParameterApplyStatus"
        }
    }

    public struct AwsRdsDbPendingModifiedValues: AWSEncodableShape & AWSDecodableShape {
        /// The new value of the allocated storage for the DB instance.
        public let allocatedStorage: Int?
        /// The new backup retention period for the DB instance.
        public let backupRetentionPeriod: Int?
        /// The new CA certificate identifier for the DB instance.
        public let caCertificateIdentifier: String?
        /// The new DB instance class for the DB instance.
        public let dbInstanceClass: String?
        /// The new DB instance identifier for the DB instance.
        public let dbInstanceIdentifier: String?
        /// The name of the new subnet group for the DB instance.
        public let dbSubnetGroupName: String?
        /// The new engine version for the DB instance.
        public let engineVersion: String?
        /// The new provisioned IOPS value for the DB instance.
        public let iops: Int?
        /// The new license model value for the DB instance.
        public let licenseModel: String?
        /// The new master user password for the DB instance.
        public let masterUserPassword: String?
        /// Indicates that a single Availability Zone DB instance is changing to a multiple Availability Zone deployment.
        public let multiAZ: Bool?
        /// A list of log types that are being enabled or disabled.
        public let pendingCloudWatchLogsExports: AwsRdsPendingCloudWatchLogsExports?
        /// The new port for the DB instance.
        public let port: Int?
        /// Processor features that are being updated.
        public let processorFeatures: [AwsRdsDbProcessorFeature]?
        /// The new storage type for the DB instance.
        public let storageType: String?

        public init(allocatedStorage: Int? = nil, backupRetentionPeriod: Int? = nil, caCertificateIdentifier: String? = nil, dbInstanceClass: String? = nil, dbInstanceIdentifier: String? = nil, dbSubnetGroupName: String? = nil, engineVersion: String? = nil, iops: Int? = nil, licenseModel: String? = nil, masterUserPassword: String? = nil, multiAZ: Bool? = nil, pendingCloudWatchLogsExports: AwsRdsPendingCloudWatchLogsExports? = nil, port: Int? = nil, processorFeatures: [AwsRdsDbProcessorFeature]? = nil, storageType: String? = nil) {
            self.allocatedStorage = allocatedStorage
            self.backupRetentionPeriod = backupRetentionPeriod
            self.caCertificateIdentifier = caCertificateIdentifier
            self.dbInstanceClass = dbInstanceClass
            self.dbInstanceIdentifier = dbInstanceIdentifier
            self.dbSubnetGroupName = dbSubnetGroupName
            self.engineVersion = engineVersion
            self.iops = iops
            self.licenseModel = licenseModel
            self.masterUserPassword = masterUserPassword
            self.multiAZ = multiAZ
            self.pendingCloudWatchLogsExports = pendingCloudWatchLogsExports
            self.port = port
            self.processorFeatures = processorFeatures
            self.storageType = storageType
        }

        public func validate(name: String) throws {
            try self.validate(self.caCertificateIdentifier, name: "caCertificateIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbInstanceClass, name: "dbInstanceClass", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbInstanceIdentifier, name: "dbInstanceIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbSubnetGroupName, name: "dbSubnetGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engineVersion, name: "engineVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.licenseModel, name: "licenseModel", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterUserPassword, name: "masterUserPassword", parent: name, pattern: ".*\\S.*")
            try self.pendingCloudWatchLogsExports?.validate(name: "\(name).pendingCloudWatchLogsExports")
            try self.processorFeatures?.forEach {
                try $0.validate(name: "\(name).processorFeatures[]")
            }
            try self.validate(self.storageType, name: "storageType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case allocatedStorage = "AllocatedStorage"
            case backupRetentionPeriod = "BackupRetentionPeriod"
            case caCertificateIdentifier = "CaCertificateIdentifier"
            case dbInstanceClass = "DbInstanceClass"
            case dbInstanceIdentifier = "DbInstanceIdentifier"
            case dbSubnetGroupName = "DbSubnetGroupName"
            case engineVersion = "EngineVersion"
            case iops = "Iops"
            case licenseModel = "LicenseModel"
            case masterUserPassword = "MasterUserPassword"
            case multiAZ = "MultiAZ"
            case pendingCloudWatchLogsExports = "PendingCloudWatchLogsExports"
            case port = "Port"
            case processorFeatures = "ProcessorFeatures"
            case storageType = "StorageType"
        }
    }

    public struct AwsRdsDbProcessorFeature: AWSEncodableShape & AWSDecodableShape {
        /// The name of the processor feature.
        public let name: String?
        /// The value of the processor feature.
        public let value: String?

        public init(name: String? = nil, value: String? = nil) {
            self.name = name
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.value, name: "value", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case value = "Value"
        }
    }

    public struct AwsRdsDbSnapshotDetails: AWSEncodableShape & AWSDecodableShape {
        /// The amount of storage (in gigabytes) to be initially allocated for the database instance.
        public let allocatedStorage: Int?
        /// Specifies the name of the Availability Zone in which the DB instance was located at the time of the DB snapshot.
        public let availabilityZone: String?
        /// A name for the DB instance.
        public let dbInstanceIdentifier: String?
        /// The identifier for the source DB instance.
        public let dbiResourceId: String?
        /// The name or ARN of the DB snapshot that is used to restore the DB instance.
        public let dbSnapshotIdentifier: String?
        /// Whether the DB snapshot is encrypted.
        public let encrypted: Bool?
        /// The name of the database engine to use for this DB instance.
        public let engine: String?
        /// The version of the database engine.
        public let engineVersion: String?
        /// Whether mapping of IAM accounts to database accounts is enabled.
        public let iamDatabaseAuthenticationEnabled: Bool?
        /// Specifies the time in Coordinated Universal Time (UTC) when the DB instance, from which the snapshot was taken, was created.
        public let instanceCreateTime: String?
        /// The provisioned IOPS (I/O operations per second) value of the DB instance at the time of the snapshot.
        public let iops: Int?
        /// If Encrypted is true, the AWS KMS key identifier for the encrypted DB snapshot.
        public let kmsKeyId: String?
        /// License model information for the restored DB instance.
        public let licenseModel: String?
        /// The master user name for the DB snapshot.
        public let masterUsername: String?
        /// The option group name for the DB snapshot.
        public let optionGroupName: String?
        /// The percentage of the estimated data that has been transferred.
        public let percentProgress: Int?
        /// The port that the database engine was listening on at the time of the snapshot.
        public let port: Int?
        /// The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.
        public let processorFeatures: [AwsRdsDbProcessorFeature]?
        /// When the snapshot was taken in Coordinated Universal Time (UTC).
        public let snapshotCreateTime: String?
        /// The type of the DB snapshot.
        public let snapshotType: String?
        /// The DB snapshot ARN that the DB snapshot was copied from.
        public let sourceDbSnapshotIdentifier: String?
        /// The AWS Region that the DB snapshot was created in or copied from.
        public let sourceRegion: String?
        /// The status of this DB snapshot.
        public let status: String?
        /// The storage type associated with the DB snapshot.
        public let storageType: String?
        /// The ARN from the key store with which to associate the instance for TDE encryption.
        public let tdeCredentialArn: String?
        /// The time zone of the DB snapshot.
        public let timezone: String?
        /// The VPC ID associated with the DB snapshot.
        public let vpcId: String?

        public init(allocatedStorage: Int? = nil, availabilityZone: String? = nil, dbInstanceIdentifier: String? = nil, dbiResourceId: String? = nil, dbSnapshotIdentifier: String? = nil, encrypted: Bool? = nil, engine: String? = nil, engineVersion: String? = nil, iamDatabaseAuthenticationEnabled: Bool? = nil, instanceCreateTime: String? = nil, iops: Int? = nil, kmsKeyId: String? = nil, licenseModel: String? = nil, masterUsername: String? = nil, optionGroupName: String? = nil, percentProgress: Int? = nil, port: Int? = nil, processorFeatures: [AwsRdsDbProcessorFeature]? = nil, snapshotCreateTime: String? = nil, snapshotType: String? = nil, sourceDbSnapshotIdentifier: String? = nil, sourceRegion: String? = nil, status: String? = nil, storageType: String? = nil, tdeCredentialArn: String? = nil, timezone: String? = nil, vpcId: String? = nil) {
            self.allocatedStorage = allocatedStorage
            self.availabilityZone = availabilityZone
            self.dbInstanceIdentifier = dbInstanceIdentifier
            self.dbiResourceId = dbiResourceId
            self.dbSnapshotIdentifier = dbSnapshotIdentifier
            self.encrypted = encrypted
            self.engine = engine
            self.engineVersion = engineVersion
            self.iamDatabaseAuthenticationEnabled = iamDatabaseAuthenticationEnabled
            self.instanceCreateTime = instanceCreateTime
            self.iops = iops
            self.kmsKeyId = kmsKeyId
            self.licenseModel = licenseModel
            self.masterUsername = masterUsername
            self.optionGroupName = optionGroupName
            self.percentProgress = percentProgress
            self.port = port
            self.processorFeatures = processorFeatures
            self.snapshotCreateTime = snapshotCreateTime
            self.snapshotType = snapshotType
            self.sourceDbSnapshotIdentifier = sourceDbSnapshotIdentifier
            self.sourceRegion = sourceRegion
            self.status = status
            self.storageType = storageType
            self.tdeCredentialArn = tdeCredentialArn
            self.timezone = timezone
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.availabilityZone, name: "availabilityZone", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbInstanceIdentifier, name: "dbInstanceIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbiResourceId, name: "dbiResourceId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbSnapshotIdentifier, name: "dbSnapshotIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engine, name: "engine", parent: name, pattern: ".*\\S.*")
            try self.validate(self.engineVersion, name: "engineVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.instanceCreateTime, name: "instanceCreateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.licenseModel, name: "licenseModel", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterUsername, name: "masterUsername", parent: name, pattern: ".*\\S.*")
            try self.validate(self.optionGroupName, name: "optionGroupName", parent: name, pattern: ".*\\S.*")
            try self.processorFeatures?.forEach {
                try $0.validate(name: "\(name).processorFeatures[]")
            }
            try self.validate(self.snapshotCreateTime, name: "snapshotCreateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snapshotType, name: "snapshotType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceDbSnapshotIdentifier, name: "sourceDbSnapshotIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceRegion, name: "sourceRegion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.storageType, name: "storageType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.tdeCredentialArn, name: "tdeCredentialArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.timezone, name: "timezone", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case allocatedStorage = "AllocatedStorage"
            case availabilityZone = "AvailabilityZone"
            case dbInstanceIdentifier = "DbInstanceIdentifier"
            case dbiResourceId = "DbiResourceId"
            case dbSnapshotIdentifier = "DbSnapshotIdentifier"
            case encrypted = "Encrypted"
            case engine = "Engine"
            case engineVersion = "EngineVersion"
            case iamDatabaseAuthenticationEnabled = "IamDatabaseAuthenticationEnabled"
            case instanceCreateTime = "InstanceCreateTime"
            case iops = "Iops"
            case kmsKeyId = "KmsKeyId"
            case licenseModel = "LicenseModel"
            case masterUsername = "MasterUsername"
            case optionGroupName = "OptionGroupName"
            case percentProgress = "PercentProgress"
            case port = "Port"
            case processorFeatures = "ProcessorFeatures"
            case snapshotCreateTime = "SnapshotCreateTime"
            case snapshotType = "SnapshotType"
            case sourceDbSnapshotIdentifier = "SourceDbSnapshotIdentifier"
            case sourceRegion = "SourceRegion"
            case status = "Status"
            case storageType = "StorageType"
            case tdeCredentialArn = "TdeCredentialArn"
            case timezone = "Timezone"
            case vpcId = "VpcId"
        }
    }

    public struct AwsRdsDbStatusInfo: AWSEncodableShape & AWSDecodableShape {
        /// If the read replica is currently in an error state, provides the error details.
        public let message: String?
        /// Whether the read replica instance is operating normally.
        public let normal: Bool?
        /// The status of the read replica instance.
        public let status: String?
        /// The type of status. For a read replica, the status type is read replication.
        public let statusType: String?

        public init(message: String? = nil, normal: Bool? = nil, status: String? = nil, statusType: String? = nil) {
            self.message = message
            self.normal = normal
            self.status = status
            self.statusType = statusType
        }

        public func validate(name: String) throws {
            try self.validate(self.message, name: "message", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.statusType, name: "statusType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case normal = "Normal"
            case status = "Status"
            case statusType = "StatusType"
        }
    }

    public struct AwsRdsDbSubnetGroup: AWSEncodableShape & AWSDecodableShape {
        /// The ARN of the subnet group.
        public let dbSubnetGroupArn: String?
        /// The description of the subnet group.
        public let dbSubnetGroupDescription: String?
        /// The name of the subnet group.
        public let dbSubnetGroupName: String?
        /// The status of the subnet group.
        public let subnetGroupStatus: String?
        /// A list of subnets in the subnet group.
        public let subnets: [AwsRdsDbSubnetGroupSubnet]?
        /// The VPC ID of the subnet group.
        public let vpcId: String?

        public init(dbSubnetGroupArn: String? = nil, dbSubnetGroupDescription: String? = nil, dbSubnetGroupName: String? = nil, subnetGroupStatus: String? = nil, subnets: [AwsRdsDbSubnetGroupSubnet]? = nil, vpcId: String? = nil) {
            self.dbSubnetGroupArn = dbSubnetGroupArn
            self.dbSubnetGroupDescription = dbSubnetGroupDescription
            self.dbSubnetGroupName = dbSubnetGroupName
            self.subnetGroupStatus = subnetGroupStatus
            self.subnets = subnets
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.dbSubnetGroupArn, name: "dbSubnetGroupArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbSubnetGroupDescription, name: "dbSubnetGroupDescription", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dbSubnetGroupName, name: "dbSubnetGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.subnetGroupStatus, name: "subnetGroupStatus", parent: name, pattern: ".*\\S.*")
            try self.subnets?.forEach {
                try $0.validate(name: "\(name).subnets[]")
            }
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case dbSubnetGroupArn = "DbSubnetGroupArn"
            case dbSubnetGroupDescription = "DbSubnetGroupDescription"
            case dbSubnetGroupName = "DbSubnetGroupName"
            case subnetGroupStatus = "SubnetGroupStatus"
            case subnets = "Subnets"
            case vpcId = "VpcId"
        }
    }

    public struct AwsRdsDbSubnetGroupSubnet: AWSEncodableShape & AWSDecodableShape {
        /// Information about the Availability Zone for a subnet in the subnet group.
        public let subnetAvailabilityZone: AwsRdsDbSubnetGroupSubnetAvailabilityZone?
        /// The identifier of a subnet in the subnet group.
        public let subnetIdentifier: String?
        /// The status of a subnet in the subnet group.
        public let subnetStatus: String?

        public init(subnetAvailabilityZone: AwsRdsDbSubnetGroupSubnetAvailabilityZone? = nil, subnetIdentifier: String? = nil, subnetStatus: String? = nil) {
            self.subnetAvailabilityZone = subnetAvailabilityZone
            self.subnetIdentifier = subnetIdentifier
            self.subnetStatus = subnetStatus
        }

        public func validate(name: String) throws {
            try self.subnetAvailabilityZone?.validate(name: "\(name).subnetAvailabilityZone")
            try self.validate(self.subnetIdentifier, name: "subnetIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.subnetStatus, name: "subnetStatus", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case subnetAvailabilityZone = "SubnetAvailabilityZone"
            case subnetIdentifier = "SubnetIdentifier"
            case subnetStatus = "SubnetStatus"
        }
    }

    public struct AwsRdsDbSubnetGroupSubnetAvailabilityZone: AWSEncodableShape & AWSDecodableShape {
        /// The name of the Availability Zone for a subnet in the subnet group.
        public let name: String?

        public init(name: String? = nil) {
            self.name = name
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
        }
    }

    public struct AwsRdsPendingCloudWatchLogsExports: AWSEncodableShape & AWSDecodableShape {
        /// A list of log types that are being disabled.
        public let logTypesToDisable: [String]?
        /// A list of log types that are being enabled.
        public let logTypesToEnable: [String]?

        public init(logTypesToDisable: [String]? = nil, logTypesToEnable: [String]? = nil) {
            self.logTypesToDisable = logTypesToDisable
            self.logTypesToEnable = logTypesToEnable
        }

        public func validate(name: String) throws {
            try self.logTypesToDisable?.forEach {
                try validate($0, name: "logTypesToDisable[]", parent: name, pattern: ".*\\S.*")
            }
            try self.logTypesToEnable?.forEach {
                try validate($0, name: "logTypesToEnable[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case logTypesToDisable = "LogTypesToDisable"
            case logTypesToEnable = "LogTypesToEnable"
        }
    }

    public struct AwsRedshiftClusterClusterNode: AWSEncodableShape & AWSDecodableShape {
        /// The role of the node. A node might be a leader node or a compute node.
        public let nodeRole: String?
        /// The private IP address of the node.
        public let privateIpAddress: String?
        /// The public IP address of the node.
        public let publicIpAddress: String?

        public init(nodeRole: String? = nil, privateIpAddress: String? = nil, publicIpAddress: String? = nil) {
            self.nodeRole = nodeRole
            self.privateIpAddress = privateIpAddress
            self.publicIpAddress = publicIpAddress
        }

        public func validate(name: String) throws {
            try self.validate(self.nodeRole, name: "nodeRole", parent: name, pattern: ".*\\S.*")
            try self.validate(self.privateIpAddress, name: "privateIpAddress", parent: name, pattern: ".*\\S.*")
            try self.validate(self.publicIpAddress, name: "publicIpAddress", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case nodeRole = "NodeRole"
            case privateIpAddress = "PrivateIpAddress"
            case publicIpAddress = "PublicIpAddress"
        }
    }

    public struct AwsRedshiftClusterClusterParameterGroup: AWSEncodableShape & AWSDecodableShape {
        /// The list of parameter statuses.
        public let clusterParameterStatusList: [AwsRedshiftClusterClusterParameterStatus]?
        /// The status of updates to the parameters.
        public let parameterApplyStatus: String?
        /// The name of the parameter group.
        public let parameterGroupName: String?

        public init(clusterParameterStatusList: [AwsRedshiftClusterClusterParameterStatus]? = nil, parameterApplyStatus: String? = nil, parameterGroupName: String? = nil) {
            self.clusterParameterStatusList = clusterParameterStatusList
            self.parameterApplyStatus = parameterApplyStatus
            self.parameterGroupName = parameterGroupName
        }

        public func validate(name: String) throws {
            try self.clusterParameterStatusList?.forEach {
                try $0.validate(name: "\(name).clusterParameterStatusList[]")
            }
            try self.validate(self.parameterApplyStatus, name: "parameterApplyStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.parameterGroupName, name: "parameterGroupName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case clusterParameterStatusList = "ClusterParameterStatusList"
            case parameterApplyStatus = "ParameterApplyStatus"
            case parameterGroupName = "ParameterGroupName"
        }
    }

    public struct AwsRedshiftClusterClusterParameterStatus: AWSEncodableShape & AWSDecodableShape {
        /// The error that prevented the parameter from being applied to the database.
        public let parameterApplyErrorDescription: String?
        /// The status of the parameter. Indicates whether the parameter is in sync with the database, waiting for a cluster reboot, or encountered an error when it was applied. Valid values: in-sync | pending-reboot | applying | invalid-parameter | apply-deferred | apply-error | unknown-error
        public let parameterApplyStatus: String?
        /// The name of the parameter.
        public let parameterName: String?

        public init(parameterApplyErrorDescription: String? = nil, parameterApplyStatus: String? = nil, parameterName: String? = nil) {
            self.parameterApplyErrorDescription = parameterApplyErrorDescription
            self.parameterApplyStatus = parameterApplyStatus
            self.parameterName = parameterName
        }

        public func validate(name: String) throws {
            try self.validate(self.parameterApplyErrorDescription, name: "parameterApplyErrorDescription", parent: name, pattern: ".*\\S.*")
            try self.validate(self.parameterApplyStatus, name: "parameterApplyStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.parameterName, name: "parameterName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case parameterApplyErrorDescription = "ParameterApplyErrorDescription"
            case parameterApplyStatus = "ParameterApplyStatus"
            case parameterName = "ParameterName"
        }
    }

    public struct AwsRedshiftClusterClusterSecurityGroup: AWSEncodableShape & AWSDecodableShape {
        /// The name of the cluster security group.
        public let clusterSecurityGroupName: String?
        /// The status of the cluster security group.
        public let status: String?

        public init(clusterSecurityGroupName: String? = nil, status: String? = nil) {
            self.clusterSecurityGroupName = clusterSecurityGroupName
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.clusterSecurityGroupName, name: "clusterSecurityGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case clusterSecurityGroupName = "ClusterSecurityGroupName"
            case status = "Status"
        }
    }

    public struct AwsRedshiftClusterClusterSnapshotCopyStatus: AWSEncodableShape & AWSDecodableShape {
        /// The destination Region that snapshots are automatically copied to when cross-Region snapshot copy is enabled.
        public let destinationRegion: String?
        /// The number of days that manual snapshots are retained in the destination region after they are copied from a source region. If the value is -1, then the manual snapshot is retained indefinitely. Valid values: Either -1 or an integer between 1 and 3,653
        public let manualSnapshotRetentionPeriod: Int?
        /// The number of days to retain automated snapshots in the destination Region after they are copied from a source Region.
        public let retentionPeriod: Int?
        /// The name of the snapshot copy grant.
        public let snapshotCopyGrantName: String?

        public init(destinationRegion: String? = nil, manualSnapshotRetentionPeriod: Int? = nil, retentionPeriod: Int? = nil, snapshotCopyGrantName: String? = nil) {
            self.destinationRegion = destinationRegion
            self.manualSnapshotRetentionPeriod = manualSnapshotRetentionPeriod
            self.retentionPeriod = retentionPeriod
            self.snapshotCopyGrantName = snapshotCopyGrantName
        }

        public func validate(name: String) throws {
            try self.validate(self.destinationRegion, name: "destinationRegion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snapshotCopyGrantName, name: "snapshotCopyGrantName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case destinationRegion = "DestinationRegion"
            case manualSnapshotRetentionPeriod = "ManualSnapshotRetentionPeriod"
            case retentionPeriod = "RetentionPeriod"
            case snapshotCopyGrantName = "SnapshotCopyGrantName"
        }
    }

    public struct AwsRedshiftClusterDeferredMaintenanceWindow: AWSEncodableShape & AWSDecodableShape {
        /// The end of the time window for which maintenance was deferred. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let deferMaintenanceEndTime: String?
        /// The identifier of the maintenance window.
        public let deferMaintenanceIdentifier: String?
        /// The start of the time window for which maintenance was deferred. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let deferMaintenanceStartTime: String?

        public init(deferMaintenanceEndTime: String? = nil, deferMaintenanceIdentifier: String? = nil, deferMaintenanceStartTime: String? = nil) {
            self.deferMaintenanceEndTime = deferMaintenanceEndTime
            self.deferMaintenanceIdentifier = deferMaintenanceIdentifier
            self.deferMaintenanceStartTime = deferMaintenanceStartTime
        }

        public func validate(name: String) throws {
            try self.validate(self.deferMaintenanceEndTime, name: "deferMaintenanceEndTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.deferMaintenanceIdentifier, name: "deferMaintenanceIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.deferMaintenanceStartTime, name: "deferMaintenanceStartTime", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case deferMaintenanceEndTime = "DeferMaintenanceEndTime"
            case deferMaintenanceIdentifier = "DeferMaintenanceIdentifier"
            case deferMaintenanceStartTime = "DeferMaintenanceStartTime"
        }
    }

    public struct AwsRedshiftClusterDetails: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether major version upgrades are applied automatically to the cluster during the maintenance window.
        public let allowVersionUpgrade: Bool?
        /// The number of days that automatic cluster snapshots are retained.
        public let automatedSnapshotRetentionPeriod: Int?
        /// The name of the Availability Zone in which the cluster is located.
        public let availabilityZone: String?
        /// The availability status of the cluster for queries. Possible values are the following:    Available - The cluster is available for queries.    Unavailable - The cluster is not available for queries.    Maintenance - The cluster is intermittently available for queries due to maintenance activities.    Modifying -The cluster is intermittently available for queries due to changes that modify the cluster.    Failed - The cluster failed and is not available for queries.
        public let clusterAvailabilityStatus: String?
        /// Indicates when the cluster was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let clusterCreateTime: String?
        /// The unique identifier of the cluster.
        public let clusterIdentifier: String?
        /// The nodes in the cluster.
        public let clusterNodes: [AwsRedshiftClusterClusterNode]?
        /// The list of cluster parameter groups that are associated with this cluster.
        public let clusterParameterGroups: [AwsRedshiftClusterClusterParameterGroup]?
        /// The public key for the cluster.
        public let clusterPublicKey: String?
        /// The specific revision number of the database in the cluster.
        public let clusterRevisionNumber: String?
        /// A list of cluster security groups that are associated with the cluster.
        public let clusterSecurityGroups: [AwsRedshiftClusterClusterSecurityGroup]?
        /// Information about the destination Region and retention period for the cross-Region snapshot copy.
        public let clusterSnapshotCopyStatus: AwsRedshiftClusterClusterSnapshotCopyStatus?
        /// The current status of the cluster. Valid values: available | available, prep-for-resize | available, resize-cleanup | cancelling-resize | creating | deleting | final-snapshot | hardware-failure | incompatible-hsm | incompatible-network | incompatible-parameters | incompatible-restore | modifying | paused | rebooting | renaming | resizing | rotating-keys | storage-full | updating-hsm
        public let clusterStatus: String?
        /// The name of the subnet group that is associated with the cluster. This parameter is valid only when the cluster is in a VPC.
        public let clusterSubnetGroupName: String?
        /// The version ID of the Amazon Redshift engine that runs on the cluster.
        public let clusterVersion: String?
        /// The name of the initial database that was created when the cluster was created. The same name is returned for the life of the cluster. If an initial database is not specified, a database named devdev is created by default.
        public let dBName: String?
        /// List of time windows during which maintenance was deferred.
        public let deferredMaintenanceWindows: [AwsRedshiftClusterDeferredMaintenanceWindow]?
        /// Information about the status of the Elastic IP (EIP) address.
        public let elasticIpStatus: AwsRedshiftClusterElasticIpStatus?
        /// The number of nodes that you can use the elastic resize method to resize the cluster to.
        public let elasticResizeNumberOfNodeOptions: String?
        /// Indicates whether the data in the cluster is encrypted at rest.
        public let encrypted: Bool?
        /// The connection endpoint.
        public let endpoint: AwsRedshiftClusterEndpoint?
        /// Indicates whether to create the cluster with enhanced VPC routing enabled.
        public let enhancedVpcRouting: Bool?
        /// Indicates when the next snapshot is expected to be taken. The cluster must have a valid snapshot schedule and have backups enabled. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let expectedNextSnapshotScheduleTime: String?
        /// The status of the next expected snapshot. Valid values: OnTrack | Pending
        public let expectedNextSnapshotScheduleTimeStatus: String?
        /// Information about whether the Amazon Redshift cluster finished applying any changes to hardware security module (HSM) settings that were specified in a modify cluster command.
        public let hsmStatus: AwsRedshiftClusterHsmStatus?
        /// A list of IAM roles that the cluster can use to access other AWS services.
        public let iamRoles: [AwsRedshiftClusterIamRole]?
        /// The identifier of the AWS KMS encryption key that is used to encrypt data in the cluster.
        public let kmsKeyId: String?
        /// The name of the maintenance track for the cluster.
        public let maintenanceTrackName: String?
        /// The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots. Valid values: Either -1 or an integer between 1 and 3,653
        public let manualSnapshotRetentionPeriod: Int?
        /// The master user name for the cluster. This name is used to connect to the database that is specified in as the value of DBName.
        public let masterUsername: String?
        /// Indicates the start of the next maintenance window. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let nextMaintenanceWindowStartTime: String?
        /// The node type for the nodes in the cluster.
        public let nodeType: String?
        /// The number of compute nodes in the cluster.
        public let numberOfNodes: Int?
        /// A list of cluster operations that are waiting to start.
        public let pendingActions: [String]?
        /// A list of changes to the cluster that are currently pending.
        public let pendingModifiedValues: AwsRedshiftClusterPendingModifiedValues?
        /// The weekly time range, in Universal Coordinated Time (UTC), during which system maintenance can occur. Format:  &lt;day&gt;:HH:MM-&lt;day&gt;:HH:MM  For the day values, use mon | tue | wed | thu | fri | sat | sun  For example, sun:09:32-sun:10:02
        public let preferredMaintenanceWindow: String?
        /// Whether the cluster can be accessed from a public network.
        public let publiclyAccessible: Bool?
        /// Information about the resize operation for the cluster.
        public let resizeInfo: AwsRedshiftClusterResizeInfo?
        /// Information about the status of a cluster restore action. Only applies to a cluster that was created by restoring a snapshot.
        public let restoreStatus: AwsRedshiftClusterRestoreStatus?
        /// A unique identifier for the cluster snapshot schedule.
        public let snapshotScheduleIdentifier: String?
        /// The current state of the cluster snapshot schedule. Valid values: MODIFYING | ACTIVE | FAILED
        public let snapshotScheduleState: String?
        /// The identifier of the VPC that the cluster is in, if the cluster is in a VPC.
        public let vpcId: String?
        /// The list of VPC security groups that the cluster belongs to, if the cluster is in a VPC.
        public let vpcSecurityGroups: [AwsRedshiftClusterVpcSecurityGroup]?

        public init(allowVersionUpgrade: Bool? = nil, automatedSnapshotRetentionPeriod: Int? = nil, availabilityZone: String? = nil, clusterAvailabilityStatus: String? = nil, clusterCreateTime: String? = nil, clusterIdentifier: String? = nil, clusterNodes: [AwsRedshiftClusterClusterNode]? = nil, clusterParameterGroups: [AwsRedshiftClusterClusterParameterGroup]? = nil, clusterPublicKey: String? = nil, clusterRevisionNumber: String? = nil, clusterSecurityGroups: [AwsRedshiftClusterClusterSecurityGroup]? = nil, clusterSnapshotCopyStatus: AwsRedshiftClusterClusterSnapshotCopyStatus? = nil, clusterStatus: String? = nil, clusterSubnetGroupName: String? = nil, clusterVersion: String? = nil, dBName: String? = nil, deferredMaintenanceWindows: [AwsRedshiftClusterDeferredMaintenanceWindow]? = nil, elasticIpStatus: AwsRedshiftClusterElasticIpStatus? = nil, elasticResizeNumberOfNodeOptions: String? = nil, encrypted: Bool? = nil, endpoint: AwsRedshiftClusterEndpoint? = nil, enhancedVpcRouting: Bool? = nil, expectedNextSnapshotScheduleTime: String? = nil, expectedNextSnapshotScheduleTimeStatus: String? = nil, hsmStatus: AwsRedshiftClusterHsmStatus? = nil, iamRoles: [AwsRedshiftClusterIamRole]? = nil, kmsKeyId: String? = nil, maintenanceTrackName: String? = nil, manualSnapshotRetentionPeriod: Int? = nil, masterUsername: String? = nil, nextMaintenanceWindowStartTime: String? = nil, nodeType: String? = nil, numberOfNodes: Int? = nil, pendingActions: [String]? = nil, pendingModifiedValues: AwsRedshiftClusterPendingModifiedValues? = nil, preferredMaintenanceWindow: String? = nil, publiclyAccessible: Bool? = nil, resizeInfo: AwsRedshiftClusterResizeInfo? = nil, restoreStatus: AwsRedshiftClusterRestoreStatus? = nil, snapshotScheduleIdentifier: String? = nil, snapshotScheduleState: String? = nil, vpcId: String? = nil, vpcSecurityGroups: [AwsRedshiftClusterVpcSecurityGroup]? = nil) {
            self.allowVersionUpgrade = allowVersionUpgrade
            self.automatedSnapshotRetentionPeriod = automatedSnapshotRetentionPeriod
            self.availabilityZone = availabilityZone
            self.clusterAvailabilityStatus = clusterAvailabilityStatus
            self.clusterCreateTime = clusterCreateTime
            self.clusterIdentifier = clusterIdentifier
            self.clusterNodes = clusterNodes
            self.clusterParameterGroups = clusterParameterGroups
            self.clusterPublicKey = clusterPublicKey
            self.clusterRevisionNumber = clusterRevisionNumber
            self.clusterSecurityGroups = clusterSecurityGroups
            self.clusterSnapshotCopyStatus = clusterSnapshotCopyStatus
            self.clusterStatus = clusterStatus
            self.clusterSubnetGroupName = clusterSubnetGroupName
            self.clusterVersion = clusterVersion
            self.dBName = dBName
            self.deferredMaintenanceWindows = deferredMaintenanceWindows
            self.elasticIpStatus = elasticIpStatus
            self.elasticResizeNumberOfNodeOptions = elasticResizeNumberOfNodeOptions
            self.encrypted = encrypted
            self.endpoint = endpoint
            self.enhancedVpcRouting = enhancedVpcRouting
            self.expectedNextSnapshotScheduleTime = expectedNextSnapshotScheduleTime
            self.expectedNextSnapshotScheduleTimeStatus = expectedNextSnapshotScheduleTimeStatus
            self.hsmStatus = hsmStatus
            self.iamRoles = iamRoles
            self.kmsKeyId = kmsKeyId
            self.maintenanceTrackName = maintenanceTrackName
            self.manualSnapshotRetentionPeriod = manualSnapshotRetentionPeriod
            self.masterUsername = masterUsername
            self.nextMaintenanceWindowStartTime = nextMaintenanceWindowStartTime
            self.nodeType = nodeType
            self.numberOfNodes = numberOfNodes
            self.pendingActions = pendingActions
            self.pendingModifiedValues = pendingModifiedValues
            self.preferredMaintenanceWindow = preferredMaintenanceWindow
            self.publiclyAccessible = publiclyAccessible
            self.resizeInfo = resizeInfo
            self.restoreStatus = restoreStatus
            self.snapshotScheduleIdentifier = snapshotScheduleIdentifier
            self.snapshotScheduleState = snapshotScheduleState
            self.vpcId = vpcId
            self.vpcSecurityGroups = vpcSecurityGroups
        }

        public func validate(name: String) throws {
            try self.validate(self.availabilityZone, name: "availabilityZone", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterAvailabilityStatus, name: "clusterAvailabilityStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterCreateTime, name: "clusterCreateTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterIdentifier, name: "clusterIdentifier", parent: name, pattern: ".*\\S.*")
            try self.clusterNodes?.forEach {
                try $0.validate(name: "\(name).clusterNodes[]")
            }
            try self.clusterParameterGroups?.forEach {
                try $0.validate(name: "\(name).clusterParameterGroups[]")
            }
            try self.validate(self.clusterPublicKey, name: "clusterPublicKey", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterRevisionNumber, name: "clusterRevisionNumber", parent: name, pattern: ".*\\S.*")
            try self.clusterSecurityGroups?.forEach {
                try $0.validate(name: "\(name).clusterSecurityGroups[]")
            }
            try self.clusterSnapshotCopyStatus?.validate(name: "\(name).clusterSnapshotCopyStatus")
            try self.validate(self.clusterStatus, name: "clusterStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterSubnetGroupName, name: "clusterSubnetGroupName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterVersion, name: "clusterVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.dBName, name: "dBName", parent: name, pattern: ".*\\S.*")
            try self.deferredMaintenanceWindows?.forEach {
                try $0.validate(name: "\(name).deferredMaintenanceWindows[]")
            }
            try self.elasticIpStatus?.validate(name: "\(name).elasticIpStatus")
            try self.validate(self.elasticResizeNumberOfNodeOptions, name: "elasticResizeNumberOfNodeOptions", parent: name, pattern: ".*\\S.*")
            try self.endpoint?.validate(name: "\(name).endpoint")
            try self.validate(self.expectedNextSnapshotScheduleTime, name: "expectedNextSnapshotScheduleTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.expectedNextSnapshotScheduleTimeStatus, name: "expectedNextSnapshotScheduleTimeStatus", parent: name, pattern: ".*\\S.*")
            try self.hsmStatus?.validate(name: "\(name).hsmStatus")
            try self.iamRoles?.forEach {
                try $0.validate(name: "\(name).iamRoles[]")
            }
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.maintenanceTrackName, name: "maintenanceTrackName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterUsername, name: "masterUsername", parent: name, pattern: ".*\\S.*")
            try self.validate(self.nextMaintenanceWindowStartTime, name: "nextMaintenanceWindowStartTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.nodeType, name: "nodeType", parent: name, pattern: ".*\\S.*")
            try self.pendingActions?.forEach {
                try validate($0, name: "pendingActions[]", parent: name, pattern: ".*\\S.*")
            }
            try self.pendingModifiedValues?.validate(name: "\(name).pendingModifiedValues")
            try self.validate(self.preferredMaintenanceWindow, name: "preferredMaintenanceWindow", parent: name, pattern: ".*\\S.*")
            try self.resizeInfo?.validate(name: "\(name).resizeInfo")
            try self.restoreStatus?.validate(name: "\(name).restoreStatus")
            try self.validate(self.snapshotScheduleIdentifier, name: "snapshotScheduleIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.snapshotScheduleState, name: "snapshotScheduleState", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcId, name: "vpcId", parent: name, pattern: ".*\\S.*")
            try self.vpcSecurityGroups?.forEach {
                try $0.validate(name: "\(name).vpcSecurityGroups[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case allowVersionUpgrade = "AllowVersionUpgrade"
            case automatedSnapshotRetentionPeriod = "AutomatedSnapshotRetentionPeriod"
            case availabilityZone = "AvailabilityZone"
            case clusterAvailabilityStatus = "ClusterAvailabilityStatus"
            case clusterCreateTime = "ClusterCreateTime"
            case clusterIdentifier = "ClusterIdentifier"
            case clusterNodes = "ClusterNodes"
            case clusterParameterGroups = "ClusterParameterGroups"
            case clusterPublicKey = "ClusterPublicKey"
            case clusterRevisionNumber = "ClusterRevisionNumber"
            case clusterSecurityGroups = "ClusterSecurityGroups"
            case clusterSnapshotCopyStatus = "ClusterSnapshotCopyStatus"
            case clusterStatus = "ClusterStatus"
            case clusterSubnetGroupName = "ClusterSubnetGroupName"
            case clusterVersion = "ClusterVersion"
            case dBName = "DBName"
            case deferredMaintenanceWindows = "DeferredMaintenanceWindows"
            case elasticIpStatus = "ElasticIpStatus"
            case elasticResizeNumberOfNodeOptions = "ElasticResizeNumberOfNodeOptions"
            case encrypted = "Encrypted"
            case endpoint = "Endpoint"
            case enhancedVpcRouting = "EnhancedVpcRouting"
            case expectedNextSnapshotScheduleTime = "ExpectedNextSnapshotScheduleTime"
            case expectedNextSnapshotScheduleTimeStatus = "ExpectedNextSnapshotScheduleTimeStatus"
            case hsmStatus = "HsmStatus"
            case iamRoles = "IamRoles"
            case kmsKeyId = "KmsKeyId"
            case maintenanceTrackName = "MaintenanceTrackName"
            case manualSnapshotRetentionPeriod = "ManualSnapshotRetentionPeriod"
            case masterUsername = "MasterUsername"
            case nextMaintenanceWindowStartTime = "NextMaintenanceWindowStartTime"
            case nodeType = "NodeType"
            case numberOfNodes = "NumberOfNodes"
            case pendingActions = "PendingActions"
            case pendingModifiedValues = "PendingModifiedValues"
            case preferredMaintenanceWindow = "PreferredMaintenanceWindow"
            case publiclyAccessible = "PubliclyAccessible"
            case resizeInfo = "ResizeInfo"
            case restoreStatus = "RestoreStatus"
            case snapshotScheduleIdentifier = "SnapshotScheduleIdentifier"
            case snapshotScheduleState = "SnapshotScheduleState"
            case vpcId = "VpcId"
            case vpcSecurityGroups = "VpcSecurityGroups"
        }
    }

    public struct AwsRedshiftClusterElasticIpStatus: AWSEncodableShape & AWSDecodableShape {
        /// The elastic IP address for the cluster.
        public let elasticIp: String?
        /// The status of the elastic IP address.
        public let status: String?

        public init(elasticIp: String? = nil, status: String? = nil) {
            self.elasticIp = elasticIp
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.elasticIp, name: "elasticIp", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case elasticIp = "ElasticIp"
            case status = "Status"
        }
    }

    public struct AwsRedshiftClusterEndpoint: AWSEncodableShape & AWSDecodableShape {
        /// The DNS address of the cluster.
        public let address: String?
        /// The port that the database engine listens on.
        public let port: Int?

        public init(address: String? = nil, port: Int? = nil) {
            self.address = address
            self.port = port
        }

        public func validate(name: String) throws {
            try self.validate(self.address, name: "address", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case address = "Address"
            case port = "Port"
        }
    }

    public struct AwsRedshiftClusterHsmStatus: AWSEncodableShape & AWSDecodableShape {
        /// The name of the HSM client certificate that the Amazon Redshift cluster uses to retrieve the data encryption keys that are stored in an HSM.
        public let hsmClientCertificateIdentifier: String?
        /// The name of the HSM configuration that contains the information that the Amazon Redshift cluster can use to retrieve and store keys in an HSM.
        public let hsmConfigurationIdentifier: String?
        /// Indicates whether the Amazon Redshift cluster has finished applying any HSM settings changes specified in a modify cluster command. Type: String Valid values: active | applying
        public let status: String?

        public init(hsmClientCertificateIdentifier: String? = nil, hsmConfigurationIdentifier: String? = nil, status: String? = nil) {
            self.hsmClientCertificateIdentifier = hsmClientCertificateIdentifier
            self.hsmConfigurationIdentifier = hsmConfigurationIdentifier
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.hsmClientCertificateIdentifier, name: "hsmClientCertificateIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.hsmConfigurationIdentifier, name: "hsmConfigurationIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case hsmClientCertificateIdentifier = "HsmClientCertificateIdentifier"
            case hsmConfigurationIdentifier = "HsmConfigurationIdentifier"
            case status = "Status"
        }
    }

    public struct AwsRedshiftClusterIamRole: AWSEncodableShape & AWSDecodableShape {
        /// The status of the IAM role's association with the cluster. Valid values: in-sync | adding | removing
        public let applyStatus: String?
        /// The ARN of the IAM role.
        public let iamRoleArn: String?

        public init(applyStatus: String? = nil, iamRoleArn: String? = nil) {
            self.applyStatus = applyStatus
            self.iamRoleArn = iamRoleArn
        }

        public func validate(name: String) throws {
            try self.validate(self.applyStatus, name: "applyStatus", parent: name, pattern: ".*\\S.*")
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case applyStatus = "ApplyStatus"
            case iamRoleArn = "IamRoleArn"
        }
    }

    public struct AwsRedshiftClusterPendingModifiedValues: AWSEncodableShape & AWSDecodableShape {
        /// The pending or in-progress change to the automated snapshot retention period.
        public let automatedSnapshotRetentionPeriod: Int?
        /// The pending or in-progress change to the identifier for the cluster.
        public let clusterIdentifier: String?
        /// The pending or in-progress change to the cluster type.
        public let clusterType: String?
        /// The pending or in-progress change to the service version.
        public let clusterVersion: String?
        /// The encryption type for a cluster.
        public let encryptionType: String?
        /// Indicates whether to create the cluster with enhanced VPC routing enabled.
        public let enhancedVpcRouting: Bool?
        /// The name of the maintenance track that the cluster changes to during the next maintenance window.
        public let maintenanceTrackName: String?
        /// The pending or in-progress change to the master user password for the cluster.
        public let masterUserPassword: String?
        /// The pending or in-progress change to the cluster's node type.
        public let nodeType: String?
        /// The pending or in-progress change to the number of nodes in the cluster.
        public let numberOfNodes: Int?
        /// The pending or in-progress change to whether the cluster can be connected to from the public network.
        public let publiclyAccessible: Bool?

        public init(automatedSnapshotRetentionPeriod: Int? = nil, clusterIdentifier: String? = nil, clusterType: String? = nil, clusterVersion: String? = nil, encryptionType: String? = nil, enhancedVpcRouting: Bool? = nil, maintenanceTrackName: String? = nil, masterUserPassword: String? = nil, nodeType: String? = nil, numberOfNodes: Int? = nil, publiclyAccessible: Bool? = nil) {
            self.automatedSnapshotRetentionPeriod = automatedSnapshotRetentionPeriod
            self.clusterIdentifier = clusterIdentifier
            self.clusterType = clusterType
            self.clusterVersion = clusterVersion
            self.encryptionType = encryptionType
            self.enhancedVpcRouting = enhancedVpcRouting
            self.maintenanceTrackName = maintenanceTrackName
            self.masterUserPassword = masterUserPassword
            self.nodeType = nodeType
            self.numberOfNodes = numberOfNodes
            self.publiclyAccessible = publiclyAccessible
        }

        public func validate(name: String) throws {
            try self.validate(self.clusterIdentifier, name: "clusterIdentifier", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterType, name: "clusterType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.clusterVersion, name: "clusterVersion", parent: name, pattern: ".*\\S.*")
            try self.validate(self.encryptionType, name: "encryptionType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.maintenanceTrackName, name: "maintenanceTrackName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.masterUserPassword, name: "masterUserPassword", parent: name, pattern: ".*\\S.*")
            try self.validate(self.nodeType, name: "nodeType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case automatedSnapshotRetentionPeriod = "AutomatedSnapshotRetentionPeriod"
            case clusterIdentifier = "ClusterIdentifier"
            case clusterType = "ClusterType"
            case clusterVersion = "ClusterVersion"
            case encryptionType = "EncryptionType"
            case enhancedVpcRouting = "EnhancedVpcRouting"
            case maintenanceTrackName = "MaintenanceTrackName"
            case masterUserPassword = "MasterUserPassword"
            case nodeType = "NodeType"
            case numberOfNodes = "NumberOfNodes"
            case publiclyAccessible = "PubliclyAccessible"
        }
    }

    public struct AwsRedshiftClusterResizeInfo: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether the resize operation can be canceled.
        public let allowCancelResize: Bool?
        /// The type of resize operation. Valid values: ClassicResize
        public let resizeType: String?

        public init(allowCancelResize: Bool? = nil, resizeType: String? = nil) {
            self.allowCancelResize = allowCancelResize
            self.resizeType = resizeType
        }

        public func validate(name: String) throws {
            try self.validate(self.resizeType, name: "resizeType", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case allowCancelResize = "AllowCancelResize"
            case resizeType = "ResizeType"
        }
    }

    public struct AwsRedshiftClusterRestoreStatus: AWSEncodableShape & AWSDecodableShape {
        /// The number of megabytes per second being transferred from the backup storage. Returns the average rate for a completed backup. This field is only updated when you restore to DC2 and DS2 node types.
        public let currentRestoreRateInMegaBytesPerSecond: Double?
        /// The amount of time an in-progress restore has been running, or the amount of time it took a completed restore to finish. This field is only updated when you restore to DC2 and DS2 node types.
        public let elapsedTimeInSeconds: Int64?
        /// The estimate of the time remaining before the restore is complete. Returns 0 for a completed restore. This field is only updated when you restore to DC2 and DS2 node types.
        public let estimatedTimeToCompletionInSeconds: Int64?
        /// The number of megabytes that were transferred from snapshot storage. This field is only updated when you restore to DC2 and DS2 node types.
        public let progressInMegaBytes: Int64?
        /// The size of the set of snapshot data that was used to restore the cluster. This field is only updated when you restore to DC2 and DS2 node types.
        public let snapshotSizeInMegaBytes: Int64?
        /// The status of the restore action. Valid values: starting | restoring | completed | failed
        public let status: String?

        public init(currentRestoreRateInMegaBytesPerSecond: Double? = nil, elapsedTimeInSeconds: Int64? = nil, estimatedTimeToCompletionInSeconds: Int64? = nil, progressInMegaBytes: Int64? = nil, snapshotSizeInMegaBytes: Int64? = nil, status: String? = nil) {
            self.currentRestoreRateInMegaBytesPerSecond = currentRestoreRateInMegaBytesPerSecond
            self.elapsedTimeInSeconds = elapsedTimeInSeconds
            self.estimatedTimeToCompletionInSeconds = estimatedTimeToCompletionInSeconds
            self.progressInMegaBytes = progressInMegaBytes
            self.snapshotSizeInMegaBytes = snapshotSizeInMegaBytes
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case currentRestoreRateInMegaBytesPerSecond = "CurrentRestoreRateInMegaBytesPerSecond"
            case elapsedTimeInSeconds = "ElapsedTimeInSeconds"
            case estimatedTimeToCompletionInSeconds = "EstimatedTimeToCompletionInSeconds"
            case progressInMegaBytes = "ProgressInMegaBytes"
            case snapshotSizeInMegaBytes = "SnapshotSizeInMegaBytes"
            case status = "Status"
        }
    }

    public struct AwsRedshiftClusterVpcSecurityGroup: AWSEncodableShape & AWSDecodableShape {
        /// The status of the VPC security group.
        public let status: String?
        /// The identifier of the VPC security group.
        public let vpcSecurityGroupId: String?

        public init(status: String? = nil, vpcSecurityGroupId: String? = nil) {
            self.status = status
            self.vpcSecurityGroupId = vpcSecurityGroupId
        }

        public func validate(name: String) throws {
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vpcSecurityGroupId, name: "vpcSecurityGroupId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
            case vpcSecurityGroupId = "VpcSecurityGroupId"
        }
    }

    public struct AwsS3BucketDetails: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when the S3 bucket was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdAt: String?
        /// The canonical user ID of the owner of the S3 bucket.
        public let ownerId: String?
        /// The display name of the owner of the S3 bucket.
        public let ownerName: String?
        /// The encryption rules that are applied to the S3 bucket.
        public let serverSideEncryptionConfiguration: AwsS3BucketServerSideEncryptionConfiguration?

        public init(createdAt: String? = nil, ownerId: String? = nil, ownerName: String? = nil, serverSideEncryptionConfiguration: AwsS3BucketServerSideEncryptionConfiguration? = nil) {
            self.createdAt = createdAt
            self.ownerId = ownerId
            self.ownerName = ownerName
            self.serverSideEncryptionConfiguration = serverSideEncryptionConfiguration
        }

        public func validate(name: String) throws {
            try self.validate(self.createdAt, name: "createdAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.ownerId, name: "ownerId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.ownerName, name: "ownerName", parent: name, pattern: ".*\\S.*")
            try self.serverSideEncryptionConfiguration?.validate(name: "\(name).serverSideEncryptionConfiguration")
        }

        private enum CodingKeys: String, CodingKey {
            case createdAt = "CreatedAt"
            case ownerId = "OwnerId"
            case ownerName = "OwnerName"
            case serverSideEncryptionConfiguration = "ServerSideEncryptionConfiguration"
        }
    }

    public struct AwsS3BucketServerSideEncryptionByDefault: AWSEncodableShape & AWSDecodableShape {
        /// AWS KMS customer master key (CMK) ID to use for the default encryption.
        public let kMSMasterKeyID: String?
        /// Server-side encryption algorithm to use for the default encryption.
        public let sSEAlgorithm: String?

        public init(kMSMasterKeyID: String? = nil, sSEAlgorithm: String? = nil) {
            self.kMSMasterKeyID = kMSMasterKeyID
            self.sSEAlgorithm = sSEAlgorithm
        }

        public func validate(name: String) throws {
            try self.validate(self.kMSMasterKeyID, name: "kMSMasterKeyID", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sSEAlgorithm, name: "sSEAlgorithm", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case kMSMasterKeyID = "KMSMasterKeyID"
            case sSEAlgorithm = "SSEAlgorithm"
        }
    }

    public struct AwsS3BucketServerSideEncryptionConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// The encryption rules that are applied to the S3 bucket.
        public let rules: [AwsS3BucketServerSideEncryptionRule]?

        public init(rules: [AwsS3BucketServerSideEncryptionRule]? = nil) {
            self.rules = rules
        }

        public func validate(name: String) throws {
            try self.rules?.forEach {
                try $0.validate(name: "\(name).rules[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case rules = "Rules"
        }
    }

    public struct AwsS3BucketServerSideEncryptionRule: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT object request doesn't specify any server-side encryption, this default encryption is applied.
        public let applyServerSideEncryptionByDefault: AwsS3BucketServerSideEncryptionByDefault?

        public init(applyServerSideEncryptionByDefault: AwsS3BucketServerSideEncryptionByDefault? = nil) {
            self.applyServerSideEncryptionByDefault = applyServerSideEncryptionByDefault
        }

        public func validate(name: String) throws {
            try self.applyServerSideEncryptionByDefault?.validate(name: "\(name).applyServerSideEncryptionByDefault")
        }

        private enum CodingKeys: String, CodingKey {
            case applyServerSideEncryptionByDefault = "ApplyServerSideEncryptionByDefault"
        }
    }

    public struct AwsS3ObjectDetails: AWSEncodableShape & AWSDecodableShape {
        /// A standard MIME type describing the format of the object data.
        public let contentType: String?
        /// The opaque identifier assigned by a web server to a specific version of a resource found at a URL.
        public let eTag: String?
        /// Indicates when the object was last modified. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastModified: String?
        /// If the object is stored using server-side encryption, the value of the server-side encryption algorithm used when storing this object in Amazon S3.
        public let serverSideEncryption: String?
        /// The identifier of the AWS Key Management Service (AWS KMS) symmetric customer managed customer master key (CMK) that was used for the object.
        public let sSEKMSKeyId: String?
        /// The version of the object.
        public let versionId: String?

        public init(contentType: String? = nil, eTag: String? = nil, lastModified: String? = nil, serverSideEncryption: String? = nil, sSEKMSKeyId: String? = nil, versionId: String? = nil) {
            self.contentType = contentType
            self.eTag = eTag
            self.lastModified = lastModified
            self.serverSideEncryption = serverSideEncryption
            self.sSEKMSKeyId = sSEKMSKeyId
            self.versionId = versionId
        }

        public func validate(name: String) throws {
            try self.validate(self.contentType, name: "contentType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.eTag, name: "eTag", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastModified, name: "lastModified", parent: name, pattern: ".*\\S.*")
            try self.validate(self.serverSideEncryption, name: "serverSideEncryption", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sSEKMSKeyId, name: "sSEKMSKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.versionId, name: "versionId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case contentType = "ContentType"
            case eTag = "ETag"
            case lastModified = "LastModified"
            case serverSideEncryption = "ServerSideEncryption"
            case sSEKMSKeyId = "SSEKMSKeyId"
            case versionId = "VersionId"
        }
    }

    public struct AwsSecretsManagerSecretDetails: AWSEncodableShape & AWSDecodableShape {
        /// Whether the secret is deleted.
        public let deleted: Bool?
        /// The user-provided description of the secret.
        public let description: String?
        /// The ARN, Key ID, or alias of the AWS KMS customer master key (CMK) used to encrypt the SecretString or SecretBinary values for versions of this secret.
        public let kmsKeyId: String?
        /// The name of the secret.
        public let name: String?
        /// Whether rotation is enabled.
        public let rotationEnabled: Bool?
        /// The ARN of the Lambda function that rotates the secret.
        public let rotationLambdaArn: String?
        /// Whether the rotation occurred within the specified rotation frequency.
        public let rotationOccurredWithinFrequency: Bool?
        /// Defines the rotation schedule for the secret.
        public let rotationRules: AwsSecretsManagerSecretRotationRules?

        public init(deleted: Bool? = nil, description: String? = nil, kmsKeyId: String? = nil, name: String? = nil, rotationEnabled: Bool? = nil, rotationLambdaArn: String? = nil, rotationOccurredWithinFrequency: Bool? = nil, rotationRules: AwsSecretsManagerSecretRotationRules? = nil) {
            self.deleted = deleted
            self.description = description
            self.kmsKeyId = kmsKeyId
            self.name = name
            self.rotationEnabled = rotationEnabled
            self.rotationLambdaArn = rotationLambdaArn
            self.rotationOccurredWithinFrequency = rotationOccurredWithinFrequency
            self.rotationRules = rotationRules
        }

        public func validate(name: String) throws {
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsKeyId, name: "kmsKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.rotationLambdaArn, name: "rotationLambdaArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case deleted = "Deleted"
            case description = "Description"
            case kmsKeyId = "KmsKeyId"
            case name = "Name"
            case rotationEnabled = "RotationEnabled"
            case rotationLambdaArn = "RotationLambdaArn"
            case rotationOccurredWithinFrequency = "RotationOccurredWithinFrequency"
            case rotationRules = "RotationRules"
        }
    }

    public struct AwsSecretsManagerSecretRotationRules: AWSEncodableShape & AWSDecodableShape {
        /// The number of days after the previous rotation to rotate the secret.
        public let automaticallyAfterDays: Int?

        public init(automaticallyAfterDays: Int? = nil) {
            self.automaticallyAfterDays = automaticallyAfterDays
        }

        private enum CodingKeys: String, CodingKey {
            case automaticallyAfterDays = "AutomaticallyAfterDays"
        }
    }

    public struct AwsSecurityFinding: AWSEncodableShape & AWSDecodableShape {
        /// Provides details about an action that affects or that was taken on a resource.
        public let action: Action?
        /// The AWS account ID that a finding is generated in.
        public let awsAccountId: String
        /// This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.
        public let compliance: Compliance?
        /// A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
        public let confidence: Int?
        /// Indicates when the security-findings provider created the potential security issue that a finding captured. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let createdAt: String
        /// The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
        public let criticality: Int?
        /// A finding's description.  In this release, Description is a required property.
        public let description: String
        /// Indicates when the security-findings provider first observed the potential security issue that a finding captured. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let firstObservedAt: String?
        /// The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
        public let generatorId: String
        /// The security findings provider-specific identifier for a finding.
        public let id: String
        /// Indicates when the security-findings provider most recently observed the potential security issue that a finding captured. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastObservedAt: String?
        /// A list of malware related to a finding.
        public let malware: [Malware]?
        /// The details of network-related information about a finding.
        public let network: Network?
        /// Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.
        public let networkPath: [NetworkPathComponent]?
        /// A user-defined note added to a finding.
        public let note: Note?
        /// Provides an overview of the patch compliance status for an instance against a selected compliance standard.
        public let patchSummary: PatchSummary?
        /// The details of process-related information about a finding.
        public let process: ProcessDetails?
        /// The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
        public let productArn: String
        /// A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
        public let productFields: [String: String]?
        /// The record state of a finding.
        public let recordState: RecordState?
        /// A list of related findings.
        public let relatedFindings: [RelatedFinding]?
        /// A data type that describes the remediation options for a finding.
        public let remediation: Remediation?
        /// A set of resource data types that describe the resources that the finding refers to.
        public let resources: [Resource]
        /// The schema version that a finding is formatted for.
        public let schemaVersion: String
        /// A finding's severity.
        public let severity: Severity
        /// A URL that links to a page about the current finding in the security-findings provider's solution.
        public let sourceUrl: String?
        /// Threat intelligence details related to a finding.
        public let threatIntelIndicators: [ThreatIntelIndicator]?
        /// A finding's title.  In this release, Title is a required property.
        public let title: String
        /// One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
        public let types: [String]
        /// Indicates when the security-findings provider last updated the finding record. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let updatedAt: String
        /// A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
        public let userDefinedFields: [String: String]?
        /// Indicates the veracity of a finding.
        public let verificationState: VerificationState?
        /// Provides a list of vulnerabilities associated with the findings.
        public let vulnerabilities: [Vulnerability]?
        /// Provides information about the status of the investigation into a finding.
        public let workflow: Workflow?
        /// The workflow state of a finding.
        public let workflowState: WorkflowState?

        public init(action: Action? = nil, awsAccountId: String, compliance: Compliance? = nil, confidence: Int? = nil, createdAt: String, criticality: Int? = nil, description: String, firstObservedAt: String? = nil, generatorId: String, id: String, lastObservedAt: String? = nil, malware: [Malware]? = nil, network: Network? = nil, networkPath: [NetworkPathComponent]? = nil, note: Note? = nil, patchSummary: PatchSummary? = nil, process: ProcessDetails? = nil, productArn: String, productFields: [String: String]? = nil, recordState: RecordState? = nil, relatedFindings: [RelatedFinding]? = nil, remediation: Remediation? = nil, resources: [Resource], schemaVersion: String, severity: Severity, sourceUrl: String? = nil, threatIntelIndicators: [ThreatIntelIndicator]? = nil, title: String, types: [String], updatedAt: String, userDefinedFields: [String: String]? = nil, verificationState: VerificationState? = nil, vulnerabilities: [Vulnerability]? = nil, workflow: Workflow? = nil, workflowState: WorkflowState? = nil) {
            self.action = action
            self.awsAccountId = awsAccountId
            self.compliance = compliance
            self.confidence = confidence
            self.createdAt = createdAt
            self.criticality = criticality
            self.description = description
            self.firstObservedAt = firstObservedAt
            self.generatorId = generatorId
            self.id = id
            self.lastObservedAt = lastObservedAt
            self.malware = malware
            self.network = network
            self.networkPath = networkPath
            self.note = note
            self.patchSummary = patchSummary
            self.process = process
            self.productArn = productArn
            self.productFields = productFields
            self.recordState = recordState
            self.relatedFindings = relatedFindings
            self.remediation = remediation
            self.resources = resources
            self.schemaVersion = schemaVersion
            self.severity = severity
            self.sourceUrl = sourceUrl
            self.threatIntelIndicators = threatIntelIndicators
            self.title = title
            self.types = types
            self.updatedAt = updatedAt
            self.userDefinedFields = userDefinedFields
            self.verificationState = verificationState
            self.vulnerabilities = vulnerabilities
            self.workflow = workflow
            self.workflowState = workflowState
        }

        public func validate(name: String) throws {
            try self.action?.validate(name: "\(name).action")
            try self.validate(self.awsAccountId, name: "awsAccountId", parent: name, pattern: ".*\\S.*")
            try self.compliance?.validate(name: "\(name).compliance")
            try self.validate(self.createdAt, name: "createdAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.firstObservedAt, name: "firstObservedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.generatorId, name: "generatorId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.lastObservedAt, name: "lastObservedAt", parent: name, pattern: ".*\\S.*")
            try self.malware?.forEach {
                try $0.validate(name: "\(name).malware[]")
            }
            try self.network?.validate(name: "\(name).network")
            try self.networkPath?.forEach {
                try $0.validate(name: "\(name).networkPath[]")
            }
            try self.note?.validate(name: "\(name).note")
            try self.patchSummary?.validate(name: "\(name).patchSummary")
            try self.process?.validate(name: "\(name).process")
            try self.validate(self.productArn, name: "productArn", parent: name, pattern: ".*\\S.*")
            try self.productFields?.forEach {
                try validate($0.key, name: "productFields.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "productFields[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
            try self.relatedFindings?.forEach {
                try $0.validate(name: "\(name).relatedFindings[]")
            }
            try self.remediation?.validate(name: "\(name).remediation")
            try self.resources.forEach {
                try $0.validate(name: "\(name).resources[]")
            }
            try self.validate(self.schemaVersion, name: "schemaVersion", parent: name, pattern: ".*\\S.*")
            try self.severity.validate(name: "\(name).severity")
            try self.validate(self.sourceUrl, name: "sourceUrl", parent: name, pattern: ".*\\S.*")
            try self.threatIntelIndicators?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicators[]")
            }
            try self.validate(self.title, name: "title", parent: name, pattern: ".*\\S.*")
            try self.types.forEach {
                try validate($0, name: "types[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.updatedAt, name: "updatedAt", parent: name, pattern: ".*\\S.*")
            try self.userDefinedFields?.forEach {
                try validate($0.key, name: "userDefinedFields.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "userDefinedFields[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
            try self.vulnerabilities?.forEach {
                try $0.validate(name: "\(name).vulnerabilities[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case action = "Action"
            case awsAccountId = "AwsAccountId"
            case compliance = "Compliance"
            case confidence = "Confidence"
            case createdAt = "CreatedAt"
            case criticality = "Criticality"
            case description = "Description"
            case firstObservedAt = "FirstObservedAt"
            case generatorId = "GeneratorId"
            case id = "Id"
            case lastObservedAt = "LastObservedAt"
            case malware = "Malware"
            case network = "Network"
            case networkPath = "NetworkPath"
            case note = "Note"
            case patchSummary = "PatchSummary"
            case process = "Process"
            case productArn = "ProductArn"
            case productFields = "ProductFields"
            case recordState = "RecordState"
            case relatedFindings = "RelatedFindings"
            case remediation = "Remediation"
            case resources = "Resources"
            case schemaVersion = "SchemaVersion"
            case severity = "Severity"
            case sourceUrl = "SourceUrl"
            case threatIntelIndicators = "ThreatIntelIndicators"
            case title = "Title"
            case types = "Types"
            case updatedAt = "UpdatedAt"
            case userDefinedFields = "UserDefinedFields"
            case verificationState = "VerificationState"
            case vulnerabilities = "Vulnerabilities"
            case workflow = "Workflow"
            case workflowState = "WorkflowState"
        }
    }

    public struct AwsSecurityFindingFilters: AWSEncodableShape & AWSDecodableShape {
        /// The AWS account ID that a finding is generated in.
        public let awsAccountId: [StringFilter]?
        /// The name of the findings provider (company) that owns the solution (product) that generates findings.
        public let companyName: [StringFilter]?
        /// Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.
        public let complianceStatus: [StringFilter]?
        /// A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
        public let confidence: [NumberFilter]?
        /// An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.
        public let createdAt: [DateFilter]?
        /// The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
        public let criticality: [NumberFilter]?
        /// A finding's description.
        public let description: [StringFilter]?
        /// An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.
        public let firstObservedAt: [DateFilter]?
        /// The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
        public let generatorId: [StringFilter]?
        /// The security findings provider-specific identifier for a finding.
        public let id: [StringFilter]?
        /// A keyword for a finding.
        public let keyword: [KeywordFilter]?
        /// An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.
        public let lastObservedAt: [DateFilter]?
        /// The name of the malware that was observed.
        public let malwareName: [StringFilter]?
        /// The filesystem path of the malware that was observed.
        public let malwarePath: [StringFilter]?
        /// The state of the malware that was observed.
        public let malwareState: [StringFilter]?
        /// The type of the malware that was observed.
        public let malwareType: [StringFilter]?
        /// The destination domain of network-related information about a finding.
        public let networkDestinationDomain: [StringFilter]?
        /// The destination IPv4 address of network-related information about a finding.
        public let networkDestinationIpV4: [IpFilter]?
        /// The destination IPv6 address of network-related information about a finding.
        public let networkDestinationIpV6: [IpFilter]?
        /// The destination port of network-related information about a finding.
        public let networkDestinationPort: [NumberFilter]?
        /// Indicates the direction of network traffic associated with a finding.
        public let networkDirection: [StringFilter]?
        /// The protocol of network-related information about a finding.
        public let networkProtocol: [StringFilter]?
        /// The source domain of network-related information about a finding.
        public let networkSourceDomain: [StringFilter]?
        /// The source IPv4 address of network-related information about a finding.
        public let networkSourceIpV4: [IpFilter]?
        /// The source IPv6 address of network-related information about a finding.
        public let networkSourceIpV6: [IpFilter]?
        /// The source media access control (MAC) address of network-related information about a finding.
        public let networkSourceMac: [StringFilter]?
        /// The source port of network-related information about a finding.
        public let networkSourcePort: [NumberFilter]?
        /// The text of a note.
        public let noteText: [StringFilter]?
        /// The timestamp of when the note was updated.
        public let noteUpdatedAt: [DateFilter]?
        /// The principal that created a note.
        public let noteUpdatedBy: [StringFilter]?
        /// The date/time that the process was launched.
        public let processLaunchedAt: [DateFilter]?
        /// The name of the process.
        public let processName: [StringFilter]?
        /// The parent process ID.
        public let processParentPid: [NumberFilter]?
        /// The path to the process executable.
        public let processPath: [StringFilter]?
        /// The process ID.
        public let processPid: [NumberFilter]?
        /// The date/time that the process was terminated.
        public let processTerminatedAt: [DateFilter]?
        /// The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.
        public let productArn: [StringFilter]?
        /// A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
        public let productFields: [MapFilter]?
        /// The name of the solution (product) that generates findings.
        public let productName: [StringFilter]?
        /// The recommendation of what to do about the issue described in a finding.
        public let recommendationText: [StringFilter]?
        /// The updated record state for the finding.
        public let recordState: [StringFilter]?
        /// The solution-generated identifier for a related finding.
        public let relatedFindingsId: [StringFilter]?
        /// The ARN of the solution that generated a related finding.
        public let relatedFindingsProductArn: [StringFilter]?
        /// The IAM profile ARN of the instance.
        public let resourceAwsEc2InstanceIamInstanceProfileArn: [StringFilter]?
        /// The Amazon Machine Image (AMI) ID of the instance.
        public let resourceAwsEc2InstanceImageId: [StringFilter]?
        /// The IPv4 addresses associated with the instance.
        public let resourceAwsEc2InstanceIpV4Addresses: [IpFilter]?
        /// The IPv6 addresses associated with the instance.
        public let resourceAwsEc2InstanceIpV6Addresses: [IpFilter]?
        /// The key name associated with the instance.
        public let resourceAwsEc2InstanceKeyName: [StringFilter]?
        /// The date and time the instance was launched.
        public let resourceAwsEc2InstanceLaunchedAt: [DateFilter]?
        /// The identifier of the subnet that the instance was launched in.
        public let resourceAwsEc2InstanceSubnetId: [StringFilter]?
        /// The instance type of the instance.
        public let resourceAwsEc2InstanceType: [StringFilter]?
        /// The identifier of the VPC that the instance was launched in.
        public let resourceAwsEc2InstanceVpcId: [StringFilter]?
        /// The creation date/time of the IAM access key related to a finding.
        public let resourceAwsIamAccessKeyCreatedAt: [DateFilter]?
        /// The status of the IAM access key related to a finding.
        public let resourceAwsIamAccessKeyStatus: [StringFilter]?
        /// The user associated with the IAM access key related to a finding.
        public let resourceAwsIamAccessKeyUserName: [StringFilter]?
        /// The canonical user ID of the owner of the S3 bucket.
        public let resourceAwsS3BucketOwnerId: [StringFilter]?
        /// The display name of the owner of the S3 bucket.
        public let resourceAwsS3BucketOwnerName: [StringFilter]?
        /// The identifier of the image related to a finding.
        public let resourceContainerImageId: [StringFilter]?
        /// The name of the image related to a finding.
        public let resourceContainerImageName: [StringFilter]?
        /// The date/time that the container was started.
        public let resourceContainerLaunchedAt: [DateFilter]?
        /// The name of the container related to a finding.
        public let resourceContainerName: [StringFilter]?
        /// The details of a resource that doesn't have a specific subfield for the resource type defined.
        public let resourceDetailsOther: [MapFilter]?
        /// The canonical identifier for the given resource type.
        public let resourceId: [StringFilter]?
        /// The canonical AWS partition name that the Region is assigned to.
        public let resourcePartition: [StringFilter]?
        /// The canonical AWS external Region name where this resource is located.
        public let resourceRegion: [StringFilter]?
        /// A list of AWS tags associated with a resource at the time the finding was processed.
        public let resourceTags: [MapFilter]?
        /// Specifies the type of the resource that details are provided for.
        public let resourceType: [StringFilter]?
        /// The label of a finding's severity.
        public let severityLabel: [StringFilter]?
        /// The normalized severity of a finding.
        public let severityNormalized: [NumberFilter]?
        /// The native severity as defined by the security-findings provider's solution that generated the finding.
        public let severityProduct: [NumberFilter]?
        /// A URL that links to a page about the current finding in the security-findings provider's solution.
        public let sourceUrl: [StringFilter]?
        /// The category of a threat intelligence indicator.
        public let threatIntelIndicatorCategory: [StringFilter]?
        /// The date/time of the last observation of a threat intelligence indicator.
        public let threatIntelIndicatorLastObservedAt: [DateFilter]?
        /// The source of the threat intelligence.
        public let threatIntelIndicatorSource: [StringFilter]?
        /// The URL for more details from the source of the threat intelligence.
        public let threatIntelIndicatorSourceUrl: [StringFilter]?
        /// The type of a threat intelligence indicator.
        public let threatIntelIndicatorType: [StringFilter]?
        /// The value of a threat intelligence indicator.
        public let threatIntelIndicatorValue: [StringFilter]?
        /// A finding's title.
        public let title: [StringFilter]?
        /// A finding type in the format of namespace/category/classifier that classifies a finding.
        public let type: [StringFilter]?
        /// An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.
        public let updatedAt: [DateFilter]?
        /// A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
        public let userDefinedFields: [MapFilter]?
        /// The veracity of a finding.
        public let verificationState: [StringFilter]?
        /// The workflow state of a finding. Note that this field is deprecated. To search for a finding based on its workflow status, use WorkflowStatus.
        public let workflowState: [StringFilter]?
        /// The status of the investigation into a finding. Allowed values are the following.    NEW - The initial state of a finding, before it is reviewed. Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:   The record state changes from ARCHIVED to ACTIVE.   The compliance status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.      NOTIFIED - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.    SUPPRESSED - The finding will not be reviewed again and will not be acted upon.    RESOLVED - The finding was reviewed and remediated and is now considered resolved.
        public let workflowStatus: [StringFilter]?

        public init(awsAccountId: [StringFilter]? = nil, companyName: [StringFilter]? = nil, complianceStatus: [StringFilter]? = nil, confidence: [NumberFilter]? = nil, createdAt: [DateFilter]? = nil, criticality: [NumberFilter]? = nil, description: [StringFilter]? = nil, firstObservedAt: [DateFilter]? = nil, generatorId: [StringFilter]? = nil, id: [StringFilter]? = nil, keyword: [KeywordFilter]? = nil, lastObservedAt: [DateFilter]? = nil, malwareName: [StringFilter]? = nil, malwarePath: [StringFilter]? = nil, malwareState: [StringFilter]? = nil, malwareType: [StringFilter]? = nil, networkDestinationDomain: [StringFilter]? = nil, networkDestinationIpV4: [IpFilter]? = nil, networkDestinationIpV6: [IpFilter]? = nil, networkDestinationPort: [NumberFilter]? = nil, networkDirection: [StringFilter]? = nil, networkProtocol: [StringFilter]? = nil, networkSourceDomain: [StringFilter]? = nil, networkSourceIpV4: [IpFilter]? = nil, networkSourceIpV6: [IpFilter]? = nil, networkSourceMac: [StringFilter]? = nil, networkSourcePort: [NumberFilter]? = nil, noteText: [StringFilter]? = nil, noteUpdatedAt: [DateFilter]? = nil, noteUpdatedBy: [StringFilter]? = nil, processLaunchedAt: [DateFilter]? = nil, processName: [StringFilter]? = nil, processParentPid: [NumberFilter]? = nil, processPath: [StringFilter]? = nil, processPid: [NumberFilter]? = nil, processTerminatedAt: [DateFilter]? = nil, productArn: [StringFilter]? = nil, productFields: [MapFilter]? = nil, productName: [StringFilter]? = nil, recommendationText: [StringFilter]? = nil, recordState: [StringFilter]? = nil, relatedFindingsId: [StringFilter]? = nil, relatedFindingsProductArn: [StringFilter]? = nil, resourceAwsEc2InstanceIamInstanceProfileArn: [StringFilter]? = nil, resourceAwsEc2InstanceImageId: [StringFilter]? = nil, resourceAwsEc2InstanceIpV4Addresses: [IpFilter]? = nil, resourceAwsEc2InstanceIpV6Addresses: [IpFilter]? = nil, resourceAwsEc2InstanceKeyName: [StringFilter]? = nil, resourceAwsEc2InstanceLaunchedAt: [DateFilter]? = nil, resourceAwsEc2InstanceSubnetId: [StringFilter]? = nil, resourceAwsEc2InstanceType: [StringFilter]? = nil, resourceAwsEc2InstanceVpcId: [StringFilter]? = nil, resourceAwsIamAccessKeyCreatedAt: [DateFilter]? = nil, resourceAwsIamAccessKeyStatus: [StringFilter]? = nil, resourceAwsIamAccessKeyUserName: [StringFilter]? = nil, resourceAwsS3BucketOwnerId: [StringFilter]? = nil, resourceAwsS3BucketOwnerName: [StringFilter]? = nil, resourceContainerImageId: [StringFilter]? = nil, resourceContainerImageName: [StringFilter]? = nil, resourceContainerLaunchedAt: [DateFilter]? = nil, resourceContainerName: [StringFilter]? = nil, resourceDetailsOther: [MapFilter]? = nil, resourceId: [StringFilter]? = nil, resourcePartition: [StringFilter]? = nil, resourceRegion: [StringFilter]? = nil, resourceTags: [MapFilter]? = nil, resourceType: [StringFilter]? = nil, severityLabel: [StringFilter]? = nil, severityNormalized: [NumberFilter]? = nil, severityProduct: [NumberFilter]? = nil, sourceUrl: [StringFilter]? = nil, threatIntelIndicatorCategory: [StringFilter]? = nil, threatIntelIndicatorLastObservedAt: [DateFilter]? = nil, threatIntelIndicatorSource: [StringFilter]? = nil, threatIntelIndicatorSourceUrl: [StringFilter]? = nil, threatIntelIndicatorType: [StringFilter]? = nil, threatIntelIndicatorValue: [StringFilter]? = nil, title: [StringFilter]? = nil, type: [StringFilter]? = nil, updatedAt: [DateFilter]? = nil, userDefinedFields: [MapFilter]? = nil, verificationState: [StringFilter]? = nil, workflowState: [StringFilter]? = nil, workflowStatus: [StringFilter]? = nil) {
            self.awsAccountId = awsAccountId
            self.companyName = companyName
            self.complianceStatus = complianceStatus
            self.confidence = confidence
            self.createdAt = createdAt
            self.criticality = criticality
            self.description = description
            self.firstObservedAt = firstObservedAt
            self.generatorId = generatorId
            self.id = id
            self.keyword = keyword
            self.lastObservedAt = lastObservedAt
            self.malwareName = malwareName
            self.malwarePath = malwarePath
            self.malwareState = malwareState
            self.malwareType = malwareType
            self.networkDestinationDomain = networkDestinationDomain
            self.networkDestinationIpV4 = networkDestinationIpV4
            self.networkDestinationIpV6 = networkDestinationIpV6
            self.networkDestinationPort = networkDestinationPort
            self.networkDirection = networkDirection
            self.networkProtocol = networkProtocol
            self.networkSourceDomain = networkSourceDomain
            self.networkSourceIpV4 = networkSourceIpV4
            self.networkSourceIpV6 = networkSourceIpV6
            self.networkSourceMac = networkSourceMac
            self.networkSourcePort = networkSourcePort
            self.noteText = noteText
            self.noteUpdatedAt = noteUpdatedAt
            self.noteUpdatedBy = noteUpdatedBy
            self.processLaunchedAt = processLaunchedAt
            self.processName = processName
            self.processParentPid = processParentPid
            self.processPath = processPath
            self.processPid = processPid
            self.processTerminatedAt = processTerminatedAt
            self.productArn = productArn
            self.productFields = productFields
            self.productName = productName
            self.recommendationText = recommendationText
            self.recordState = recordState
            self.relatedFindingsId = relatedFindingsId
            self.relatedFindingsProductArn = relatedFindingsProductArn
            self.resourceAwsEc2InstanceIamInstanceProfileArn = resourceAwsEc2InstanceIamInstanceProfileArn
            self.resourceAwsEc2InstanceImageId = resourceAwsEc2InstanceImageId
            self.resourceAwsEc2InstanceIpV4Addresses = resourceAwsEc2InstanceIpV4Addresses
            self.resourceAwsEc2InstanceIpV6Addresses = resourceAwsEc2InstanceIpV6Addresses
            self.resourceAwsEc2InstanceKeyName = resourceAwsEc2InstanceKeyName
            self.resourceAwsEc2InstanceLaunchedAt = resourceAwsEc2InstanceLaunchedAt
            self.resourceAwsEc2InstanceSubnetId = resourceAwsEc2InstanceSubnetId
            self.resourceAwsEc2InstanceType = resourceAwsEc2InstanceType
            self.resourceAwsEc2InstanceVpcId = resourceAwsEc2InstanceVpcId
            self.resourceAwsIamAccessKeyCreatedAt = resourceAwsIamAccessKeyCreatedAt
            self.resourceAwsIamAccessKeyStatus = resourceAwsIamAccessKeyStatus
            self.resourceAwsIamAccessKeyUserName = resourceAwsIamAccessKeyUserName
            self.resourceAwsS3BucketOwnerId = resourceAwsS3BucketOwnerId
            self.resourceAwsS3BucketOwnerName = resourceAwsS3BucketOwnerName
            self.resourceContainerImageId = resourceContainerImageId
            self.resourceContainerImageName = resourceContainerImageName
            self.resourceContainerLaunchedAt = resourceContainerLaunchedAt
            self.resourceContainerName = resourceContainerName
            self.resourceDetailsOther = resourceDetailsOther
            self.resourceId = resourceId
            self.resourcePartition = resourcePartition
            self.resourceRegion = resourceRegion
            self.resourceTags = resourceTags
            self.resourceType = resourceType
            self.severityLabel = severityLabel
            self.severityNormalized = severityNormalized
            self.severityProduct = severityProduct
            self.sourceUrl = sourceUrl
            self.threatIntelIndicatorCategory = threatIntelIndicatorCategory
            self.threatIntelIndicatorLastObservedAt = threatIntelIndicatorLastObservedAt
            self.threatIntelIndicatorSource = threatIntelIndicatorSource
            self.threatIntelIndicatorSourceUrl = threatIntelIndicatorSourceUrl
            self.threatIntelIndicatorType = threatIntelIndicatorType
            self.threatIntelIndicatorValue = threatIntelIndicatorValue
            self.title = title
            self.type = type
            self.updatedAt = updatedAt
            self.userDefinedFields = userDefinedFields
            self.verificationState = verificationState
            self.workflowState = workflowState
            self.workflowStatus = workflowStatus
        }

        public func validate(name: String) throws {
            try self.awsAccountId?.forEach {
                try $0.validate(name: "\(name).awsAccountId[]")
            }
            try self.companyName?.forEach {
                try $0.validate(name: "\(name).companyName[]")
            }
            try self.complianceStatus?.forEach {
                try $0.validate(name: "\(name).complianceStatus[]")
            }
            try self.createdAt?.forEach {
                try $0.validate(name: "\(name).createdAt[]")
            }
            try self.description?.forEach {
                try $0.validate(name: "\(name).description[]")
            }
            try self.firstObservedAt?.forEach {
                try $0.validate(name: "\(name).firstObservedAt[]")
            }
            try self.generatorId?.forEach {
                try $0.validate(name: "\(name).generatorId[]")
            }
            try self.id?.forEach {
                try $0.validate(name: "\(name).id[]")
            }
            try self.keyword?.forEach {
                try $0.validate(name: "\(name).keyword[]")
            }
            try self.lastObservedAt?.forEach {
                try $0.validate(name: "\(name).lastObservedAt[]")
            }
            try self.malwareName?.forEach {
                try $0.validate(name: "\(name).malwareName[]")
            }
            try self.malwarePath?.forEach {
                try $0.validate(name: "\(name).malwarePath[]")
            }
            try self.malwareState?.forEach {
                try $0.validate(name: "\(name).malwareState[]")
            }
            try self.malwareType?.forEach {
                try $0.validate(name: "\(name).malwareType[]")
            }
            try self.networkDestinationDomain?.forEach {
                try $0.validate(name: "\(name).networkDestinationDomain[]")
            }
            try self.networkDestinationIpV4?.forEach {
                try $0.validate(name: "\(name).networkDestinationIpV4[]")
            }
            try self.networkDestinationIpV6?.forEach {
                try $0.validate(name: "\(name).networkDestinationIpV6[]")
            }
            try self.networkDirection?.forEach {
                try $0.validate(name: "\(name).networkDirection[]")
            }
            try self.networkProtocol?.forEach {
                try $0.validate(name: "\(name).networkProtocol[]")
            }
            try self.networkSourceDomain?.forEach {
                try $0.validate(name: "\(name).networkSourceDomain[]")
            }
            try self.networkSourceIpV4?.forEach {
                try $0.validate(name: "\(name).networkSourceIpV4[]")
            }
            try self.networkSourceIpV6?.forEach {
                try $0.validate(name: "\(name).networkSourceIpV6[]")
            }
            try self.networkSourceMac?.forEach {
                try $0.validate(name: "\(name).networkSourceMac[]")
            }
            try self.noteText?.forEach {
                try $0.validate(name: "\(name).noteText[]")
            }
            try self.noteUpdatedAt?.forEach {
                try $0.validate(name: "\(name).noteUpdatedAt[]")
            }
            try self.noteUpdatedBy?.forEach {
                try $0.validate(name: "\(name).noteUpdatedBy[]")
            }
            try self.processLaunchedAt?.forEach {
                try $0.validate(name: "\(name).processLaunchedAt[]")
            }
            try self.processName?.forEach {
                try $0.validate(name: "\(name).processName[]")
            }
            try self.processPath?.forEach {
                try $0.validate(name: "\(name).processPath[]")
            }
            try self.processTerminatedAt?.forEach {
                try $0.validate(name: "\(name).processTerminatedAt[]")
            }
            try self.productArn?.forEach {
                try $0.validate(name: "\(name).productArn[]")
            }
            try self.productFields?.forEach {
                try $0.validate(name: "\(name).productFields[]")
            }
            try self.productName?.forEach {
                try $0.validate(name: "\(name).productName[]")
            }
            try self.recommendationText?.forEach {
                try $0.validate(name: "\(name).recommendationText[]")
            }
            try self.recordState?.forEach {
                try $0.validate(name: "\(name).recordState[]")
            }
            try self.relatedFindingsId?.forEach {
                try $0.validate(name: "\(name).relatedFindingsId[]")
            }
            try self.relatedFindingsProductArn?.forEach {
                try $0.validate(name: "\(name).relatedFindingsProductArn[]")
            }
            try self.resourceAwsEc2InstanceIamInstanceProfileArn?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceIamInstanceProfileArn[]")
            }
            try self.resourceAwsEc2InstanceImageId?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceImageId[]")
            }
            try self.resourceAwsEc2InstanceIpV4Addresses?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceIpV4Addresses[]")
            }
            try self.resourceAwsEc2InstanceIpV6Addresses?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceIpV6Addresses[]")
            }
            try self.resourceAwsEc2InstanceKeyName?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceKeyName[]")
            }
            try self.resourceAwsEc2InstanceLaunchedAt?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceLaunchedAt[]")
            }
            try self.resourceAwsEc2InstanceSubnetId?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceSubnetId[]")
            }
            try self.resourceAwsEc2InstanceType?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceType[]")
            }
            try self.resourceAwsEc2InstanceVpcId?.forEach {
                try $0.validate(name: "\(name).resourceAwsEc2InstanceVpcId[]")
            }
            try self.resourceAwsIamAccessKeyCreatedAt?.forEach {
                try $0.validate(name: "\(name).resourceAwsIamAccessKeyCreatedAt[]")
            }
            try self.resourceAwsIamAccessKeyStatus?.forEach {
                try $0.validate(name: "\(name).resourceAwsIamAccessKeyStatus[]")
            }
            try self.resourceAwsIamAccessKeyUserName?.forEach {
                try $0.validate(name: "\(name).resourceAwsIamAccessKeyUserName[]")
            }
            try self.resourceAwsS3BucketOwnerId?.forEach {
                try $0.validate(name: "\(name).resourceAwsS3BucketOwnerId[]")
            }
            try self.resourceAwsS3BucketOwnerName?.forEach {
                try $0.validate(name: "\(name).resourceAwsS3BucketOwnerName[]")
            }
            try self.resourceContainerImageId?.forEach {
                try $0.validate(name: "\(name).resourceContainerImageId[]")
            }
            try self.resourceContainerImageName?.forEach {
                try $0.validate(name: "\(name).resourceContainerImageName[]")
            }
            try self.resourceContainerLaunchedAt?.forEach {
                try $0.validate(name: "\(name).resourceContainerLaunchedAt[]")
            }
            try self.resourceContainerName?.forEach {
                try $0.validate(name: "\(name).resourceContainerName[]")
            }
            try self.resourceDetailsOther?.forEach {
                try $0.validate(name: "\(name).resourceDetailsOther[]")
            }
            try self.resourceId?.forEach {
                try $0.validate(name: "\(name).resourceId[]")
            }
            try self.resourcePartition?.forEach {
                try $0.validate(name: "\(name).resourcePartition[]")
            }
            try self.resourceRegion?.forEach {
                try $0.validate(name: "\(name).resourceRegion[]")
            }
            try self.resourceTags?.forEach {
                try $0.validate(name: "\(name).resourceTags[]")
            }
            try self.resourceType?.forEach {
                try $0.validate(name: "\(name).resourceType[]")
            }
            try self.severityLabel?.forEach {
                try $0.validate(name: "\(name).severityLabel[]")
            }
            try self.sourceUrl?.forEach {
                try $0.validate(name: "\(name).sourceUrl[]")
            }
            try self.threatIntelIndicatorCategory?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicatorCategory[]")
            }
            try self.threatIntelIndicatorLastObservedAt?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicatorLastObservedAt[]")
            }
            try self.threatIntelIndicatorSource?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicatorSource[]")
            }
            try self.threatIntelIndicatorSourceUrl?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicatorSourceUrl[]")
            }
            try self.threatIntelIndicatorType?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicatorType[]")
            }
            try self.threatIntelIndicatorValue?.forEach {
                try $0.validate(name: "\(name).threatIntelIndicatorValue[]")
            }
            try self.title?.forEach {
                try $0.validate(name: "\(name).title[]")
            }
            try self.type?.forEach {
                try $0.validate(name: "\(name).type[]")
            }
            try self.updatedAt?.forEach {
                try $0.validate(name: "\(name).updatedAt[]")
            }
            try self.userDefinedFields?.forEach {
                try $0.validate(name: "\(name).userDefinedFields[]")
            }
            try self.verificationState?.forEach {
                try $0.validate(name: "\(name).verificationState[]")
            }
            try self.workflowState?.forEach {
                try $0.validate(name: "\(name).workflowState[]")
            }
            try self.workflowStatus?.forEach {
                try $0.validate(name: "\(name).workflowStatus[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case awsAccountId = "AwsAccountId"
            case companyName = "CompanyName"
            case complianceStatus = "ComplianceStatus"
            case confidence = "Confidence"
            case createdAt = "CreatedAt"
            case criticality = "Criticality"
            case description = "Description"
            case firstObservedAt = "FirstObservedAt"
            case generatorId = "GeneratorId"
            case id = "Id"
            case keyword = "Keyword"
            case lastObservedAt = "LastObservedAt"
            case malwareName = "MalwareName"
            case malwarePath = "MalwarePath"
            case malwareState = "MalwareState"
            case malwareType = "MalwareType"
            case networkDestinationDomain = "NetworkDestinationDomain"
            case networkDestinationIpV4 = "NetworkDestinationIpV4"
            case networkDestinationIpV6 = "NetworkDestinationIpV6"
            case networkDestinationPort = "NetworkDestinationPort"
            case networkDirection = "NetworkDirection"
            case networkProtocol = "NetworkProtocol"
            case networkSourceDomain = "NetworkSourceDomain"
            case networkSourceIpV4 = "NetworkSourceIpV4"
            case networkSourceIpV6 = "NetworkSourceIpV6"
            case networkSourceMac = "NetworkSourceMac"
            case networkSourcePort = "NetworkSourcePort"
            case noteText = "NoteText"
            case noteUpdatedAt = "NoteUpdatedAt"
            case noteUpdatedBy = "NoteUpdatedBy"
            case processLaunchedAt = "ProcessLaunchedAt"
            case processName = "ProcessName"
            case processParentPid = "ProcessParentPid"
            case processPath = "ProcessPath"
            case processPid = "ProcessPid"
            case processTerminatedAt = "ProcessTerminatedAt"
            case productArn = "ProductArn"
            case productFields = "ProductFields"
            case productName = "ProductName"
            case recommendationText = "RecommendationText"
            case recordState = "RecordState"
            case relatedFindingsId = "RelatedFindingsId"
            case relatedFindingsProductArn = "RelatedFindingsProductArn"
            case resourceAwsEc2InstanceIamInstanceProfileArn = "ResourceAwsEc2InstanceIamInstanceProfileArn"
            case resourceAwsEc2InstanceImageId = "ResourceAwsEc2InstanceImageId"
            case resourceAwsEc2InstanceIpV4Addresses = "ResourceAwsEc2InstanceIpV4Addresses"
            case resourceAwsEc2InstanceIpV6Addresses = "ResourceAwsEc2InstanceIpV6Addresses"
            case resourceAwsEc2InstanceKeyName = "ResourceAwsEc2InstanceKeyName"
            case resourceAwsEc2InstanceLaunchedAt = "ResourceAwsEc2InstanceLaunchedAt"
            case resourceAwsEc2InstanceSubnetId = "ResourceAwsEc2InstanceSubnetId"
            case resourceAwsEc2InstanceType = "ResourceAwsEc2InstanceType"
            case resourceAwsEc2InstanceVpcId = "ResourceAwsEc2InstanceVpcId"
            case resourceAwsIamAccessKeyCreatedAt = "ResourceAwsIamAccessKeyCreatedAt"
            case resourceAwsIamAccessKeyStatus = "ResourceAwsIamAccessKeyStatus"
            case resourceAwsIamAccessKeyUserName = "ResourceAwsIamAccessKeyUserName"
            case resourceAwsS3BucketOwnerId = "ResourceAwsS3BucketOwnerId"
            case resourceAwsS3BucketOwnerName = "ResourceAwsS3BucketOwnerName"
            case resourceContainerImageId = "ResourceContainerImageId"
            case resourceContainerImageName = "ResourceContainerImageName"
            case resourceContainerLaunchedAt = "ResourceContainerLaunchedAt"
            case resourceContainerName = "ResourceContainerName"
            case resourceDetailsOther = "ResourceDetailsOther"
            case resourceId = "ResourceId"
            case resourcePartition = "ResourcePartition"
            case resourceRegion = "ResourceRegion"
            case resourceTags = "ResourceTags"
            case resourceType = "ResourceType"
            case severityLabel = "SeverityLabel"
            case severityNormalized = "SeverityNormalized"
            case severityProduct = "SeverityProduct"
            case sourceUrl = "SourceUrl"
            case threatIntelIndicatorCategory = "ThreatIntelIndicatorCategory"
            case threatIntelIndicatorLastObservedAt = "ThreatIntelIndicatorLastObservedAt"
            case threatIntelIndicatorSource = "ThreatIntelIndicatorSource"
            case threatIntelIndicatorSourceUrl = "ThreatIntelIndicatorSourceUrl"
            case threatIntelIndicatorType = "ThreatIntelIndicatorType"
            case threatIntelIndicatorValue = "ThreatIntelIndicatorValue"
            case title = "Title"
            case type = "Type"
            case updatedAt = "UpdatedAt"
            case userDefinedFields = "UserDefinedFields"
            case verificationState = "VerificationState"
            case workflowState = "WorkflowState"
            case workflowStatus = "WorkflowStatus"
        }
    }

    public struct AwsSecurityFindingIdentifier: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the finding that was specified by the finding provider.
        public let id: String
        /// The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
        public let productArn: String

        public init(id: String, productArn: String) {
            self.id = id
            self.productArn = productArn
        }

        public func validate(name: String) throws {
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.productArn, name: "productArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case productArn = "ProductArn"
        }
    }

    public struct AwsSnsTopicDetails: AWSEncodableShape & AWSDecodableShape {
        /// The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK.
        public let kmsMasterKeyId: String?
        /// The subscription's owner.
        public let owner: String?
        /// Subscription is an embedded property that describes the subscription endpoints of an Amazon SNS topic.
        public let subscription: [AwsSnsTopicSubscription]?
        /// The name of the topic.
        public let topicName: String?

        public init(kmsMasterKeyId: String? = nil, owner: String? = nil, subscription: [AwsSnsTopicSubscription]? = nil, topicName: String? = nil) {
            self.kmsMasterKeyId = kmsMasterKeyId
            self.owner = owner
            self.subscription = subscription
            self.topicName = topicName
        }

        public func validate(name: String) throws {
            try self.validate(self.kmsMasterKeyId, name: "kmsMasterKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.owner, name: "owner", parent: name, pattern: ".*\\S.*")
            try self.subscription?.forEach {
                try $0.validate(name: "\(name).subscription[]")
            }
            try self.validate(self.topicName, name: "topicName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case kmsMasterKeyId = "KmsMasterKeyId"
            case owner = "Owner"
            case subscription = "Subscription"
            case topicName = "TopicName"
        }
    }

    public struct AwsSnsTopicSubscription: AWSEncodableShape & AWSDecodableShape {
        /// The subscription's endpoint (format depends on the protocol).
        public let endpoint: String?
        /// The subscription's protocol.
        public let `protocol`: String?

        public init(endpoint: String? = nil, protocol: String? = nil) {
            self.endpoint = endpoint
            self.`protocol` = `protocol`
        }

        public func validate(name: String) throws {
            try self.validate(self.endpoint, name: "endpoint", parent: name, pattern: ".*\\S.*")
            try self.validate(self.`protocol`, name: "`protocol`", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case endpoint = "Endpoint"
            case `protocol` = "Protocol"
        }
    }

    public struct AwsSqsQueueDetails: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of maxReceiveCount is exceeded.
        public let deadLetterTargetArn: String?
        /// The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again.
        public let kmsDataKeyReusePeriodSeconds: Int?
        /// The ID of an AWS managed customer master key (CMK) for Amazon SQS or a custom CMK.
        public let kmsMasterKeyId: String?
        /// The name of the new queue.
        public let queueName: String?

        public init(deadLetterTargetArn: String? = nil, kmsDataKeyReusePeriodSeconds: Int? = nil, kmsMasterKeyId: String? = nil, queueName: String? = nil) {
            self.deadLetterTargetArn = deadLetterTargetArn
            self.kmsDataKeyReusePeriodSeconds = kmsDataKeyReusePeriodSeconds
            self.kmsMasterKeyId = kmsMasterKeyId
            self.queueName = queueName
        }

        public func validate(name: String) throws {
            try self.validate(self.deadLetterTargetArn, name: "deadLetterTargetArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.kmsMasterKeyId, name: "kmsMasterKeyId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.queueName, name: "queueName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case deadLetterTargetArn = "DeadLetterTargetArn"
            case kmsDataKeyReusePeriodSeconds = "KmsDataKeyReusePeriodSeconds"
            case kmsMasterKeyId = "KmsMasterKeyId"
            case queueName = "QueueName"
        }
    }

    public struct AwsSsmComplianceSummary: AWSEncodableShape & AWSDecodableShape {
        /// The type of resource for which the compliance was determined. For AwsSsmPatchCompliance, ComplianceType is Patch.
        public let complianceType: String?
        /// For the patches that are compliant, the number that have a severity of CRITICAL.
        public let compliantCriticalCount: Int?
        /// For the patches that are compliant, the number that have a severity of HIGH.
        public let compliantHighCount: Int?
        /// For the patches that are compliant, the number that have a severity of INFORMATIONAL.
        public let compliantInformationalCount: Int?
        /// For the patches that are compliant, the number that have a severity of LOW.
        public let compliantLowCount: Int?
        /// For the patches that are compliant, the number that have a severity of MEDIUM.
        public let compliantMediumCount: Int?
        /// For the patches that are compliant, the number that have a severity of UNSPECIFIED.
        public let compliantUnspecifiedCount: Int?
        /// The type of execution that was used determine compliance.
        public let executionType: String?
        /// For the patch items that are noncompliant, the number of items that have a severity of CRITICAL.
        public let nonCompliantCriticalCount: Int?
        /// For the patches that are noncompliant, the number that have a severity of HIGH.
        public let nonCompliantHighCount: Int?
        /// For the patches that are noncompliant, the number that have a severity of INFORMATIONAL.
        public let nonCompliantInformationalCount: Int?
        /// For the patches that are noncompliant, the number that have a severity of LOW.
        public let nonCompliantLowCount: Int?
        /// For the patches that are noncompliant, the number that have a severity of MEDIUM.
        public let nonCompliantMediumCount: Int?
        /// For the patches that are noncompliant, the number that have a severity of UNSPECIFIED.
        public let nonCompliantUnspecifiedCount: Int?
        /// The highest severity for the patches.
        public let overallSeverity: String?
        /// The identifier of the patch baseline. The patch baseline lists the patches that are approved for installation.
        public let patchBaselineId: String?
        /// The identifier of the patch group for which compliance was determined. A patch group uses tags to group EC2 instances that should have the same patch compliance.
        public let patchGroup: String?
        /// The current patch compliance status. The possible status values are:    COMPLIANT     NON_COMPLIANT     UNSPECIFIED_DATA
        public let status: String?

        public init(complianceType: String? = nil, compliantCriticalCount: Int? = nil, compliantHighCount: Int? = nil, compliantInformationalCount: Int? = nil, compliantLowCount: Int? = nil, compliantMediumCount: Int? = nil, compliantUnspecifiedCount: Int? = nil, executionType: String? = nil, nonCompliantCriticalCount: Int? = nil, nonCompliantHighCount: Int? = nil, nonCompliantInformationalCount: Int? = nil, nonCompliantLowCount: Int? = nil, nonCompliantMediumCount: Int? = nil, nonCompliantUnspecifiedCount: Int? = nil, overallSeverity: String? = nil, patchBaselineId: String? = nil, patchGroup: String? = nil, status: String? = nil) {
            self.complianceType = complianceType
            self.compliantCriticalCount = compliantCriticalCount
            self.compliantHighCount = compliantHighCount
            self.compliantInformationalCount = compliantInformationalCount
            self.compliantLowCount = compliantLowCount
            self.compliantMediumCount = compliantMediumCount
            self.compliantUnspecifiedCount = compliantUnspecifiedCount
            self.executionType = executionType
            self.nonCompliantCriticalCount = nonCompliantCriticalCount
            self.nonCompliantHighCount = nonCompliantHighCount
            self.nonCompliantInformationalCount = nonCompliantInformationalCount
            self.nonCompliantLowCount = nonCompliantLowCount
            self.nonCompliantMediumCount = nonCompliantMediumCount
            self.nonCompliantUnspecifiedCount = nonCompliantUnspecifiedCount
            self.overallSeverity = overallSeverity
            self.patchBaselineId = patchBaselineId
            self.patchGroup = patchGroup
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.complianceType, name: "complianceType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.executionType, name: "executionType", parent: name, pattern: ".*\\S.*")
            try self.validate(self.overallSeverity, name: "overallSeverity", parent: name, pattern: ".*\\S.*")
            try self.validate(self.patchBaselineId, name: "patchBaselineId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.patchGroup, name: "patchGroup", parent: name, pattern: ".*\\S.*")
            try self.validate(self.status, name: "status", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case complianceType = "ComplianceType"
            case compliantCriticalCount = "CompliantCriticalCount"
            case compliantHighCount = "CompliantHighCount"
            case compliantInformationalCount = "CompliantInformationalCount"
            case compliantLowCount = "CompliantLowCount"
            case compliantMediumCount = "CompliantMediumCount"
            case compliantUnspecifiedCount = "CompliantUnspecifiedCount"
            case executionType = "ExecutionType"
            case nonCompliantCriticalCount = "NonCompliantCriticalCount"
            case nonCompliantHighCount = "NonCompliantHighCount"
            case nonCompliantInformationalCount = "NonCompliantInformationalCount"
            case nonCompliantLowCount = "NonCompliantLowCount"
            case nonCompliantMediumCount = "NonCompliantMediumCount"
            case nonCompliantUnspecifiedCount = "NonCompliantUnspecifiedCount"
            case overallSeverity = "OverallSeverity"
            case patchBaselineId = "PatchBaselineId"
            case patchGroup = "PatchGroup"
            case status = "Status"
        }
    }

    public struct AwsSsmPatch: AWSEncodableShape & AWSDecodableShape {
        /// The compliance status details for the patch.
        public let complianceSummary: AwsSsmComplianceSummary?

        public init(complianceSummary: AwsSsmComplianceSummary? = nil) {
            self.complianceSummary = complianceSummary
        }

        public func validate(name: String) throws {
            try self.complianceSummary?.validate(name: "\(name).complianceSummary")
        }

        private enum CodingKeys: String, CodingKey {
            case complianceSummary = "ComplianceSummary"
        }
    }

    public struct AwsSsmPatchComplianceDetails: AWSEncodableShape & AWSDecodableShape {
        /// Information about the status of a patch.
        public let patch: AwsSsmPatch?

        public init(patch: AwsSsmPatch? = nil) {
            self.patch = patch
        }

        public func validate(name: String) throws {
            try self.patch?.validate(name: "\(name).patch")
        }

        private enum CodingKeys: String, CodingKey {
            case patch = "Patch"
        }
    }

    public struct AwsWafWebAclDetails: AWSEncodableShape & AWSDecodableShape {
        /// The action to perform if none of the rules contained in the WebACL match.
        public let defaultAction: String?
        /// A friendly name or description of the WebACL. You can't change the name of a WebACL after you create it.
        public let name: String?
        /// An array that contains the action for each rule in a WebACL, the priority of the rule, and the ID of the rule.
        public let rules: [AwsWafWebAclRule]?
        /// A unique identifier for a WebACL.
        public let webAclId: String?

        public init(defaultAction: String? = nil, name: String? = nil, rules: [AwsWafWebAclRule]? = nil, webAclId: String? = nil) {
            self.defaultAction = defaultAction
            self.name = name
            self.rules = rules
            self.webAclId = webAclId
        }

        public func validate(name: String) throws {
            try self.validate(self.defaultAction, name: "defaultAction", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.rules?.forEach {
                try $0.validate(name: "\(name).rules[]")
            }
            try self.validate(self.webAclId, name: "webAclId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case defaultAction = "DefaultAction"
            case name = "Name"
            case rules = "Rules"
            case webAclId = "WebAclId"
        }
    }

    public struct AwsWafWebAclRule: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.
        public let action: WafAction?
        /// Rules to exclude from a rule group.
        public let excludedRules: [WafExcludedRule]?
        /// Use the OverrideAction to test your RuleGroup. Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction to None, the RuleGroup blocks a request if any individual rule in the RuleGroup matches the request and is configured to block that request. However, if you first want to test the RuleGroup, set the OverrideAction to Count. The RuleGroup then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.  ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a WebACL. In this case you do not use ActivatedRule|Action. For all other update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
        public let overrideAction: WafOverrideAction?
        /// Specifies the order in which the rules in a WebACL are evaluated. Rules with a lower value for Priority are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a WebACL, the values do not need to be consecutive.
        public let priority: Int?
        /// The identifier for a rule.
        public let ruleId: String?
        /// The rule type. Valid values: REGULAR | RATE_BASED | GROUP  The default is REGULAR.
        public let type: String?

        public init(action: WafAction? = nil, excludedRules: [WafExcludedRule]? = nil, overrideAction: WafOverrideAction? = nil, priority: Int? = nil, ruleId: String? = nil, type: String? = nil) {
            self.action = action
            self.excludedRules = excludedRules
            self.overrideAction = overrideAction
            self.priority = priority
            self.ruleId = ruleId
            self.type = type
        }

        public func validate(name: String) throws {
            try self.action?.validate(name: "\(name).action")
            try self.excludedRules?.forEach {
                try $0.validate(name: "\(name).excludedRules[]")
            }
            try self.overrideAction?.validate(name: "\(name).overrideAction")
            try self.validate(self.ruleId, name: "ruleId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case action = "Action"
            case excludedRules = "ExcludedRules"
            case overrideAction = "OverrideAction"
            case priority = "Priority"
            case ruleId = "RuleId"
            case type = "Type"
        }
    }

    public struct BatchDisableStandardsRequest: AWSEncodableShape {
        /// The ARNs of the standards subscriptions to disable.
        public let standardsSubscriptionArns: [String]

        public init(standardsSubscriptionArns: [String]) {
            self.standardsSubscriptionArns = standardsSubscriptionArns
        }

        public func validate(name: String) throws {
            try self.standardsSubscriptionArns.forEach {
                try validate($0, name: "standardsSubscriptionArns[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.standardsSubscriptionArns, name: "standardsSubscriptionArns", parent: name, max: 25)
            try self.validate(self.standardsSubscriptionArns, name: "standardsSubscriptionArns", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case standardsSubscriptionArns = "StandardsSubscriptionArns"
        }
    }

    public struct BatchDisableStandardsResponse: AWSDecodableShape {
        /// The details of the standards subscriptions that were disabled.
        public let standardsSubscriptions: [StandardsSubscription]?

        public init(standardsSubscriptions: [StandardsSubscription]? = nil) {
            self.standardsSubscriptions = standardsSubscriptions
        }

        private enum CodingKeys: String, CodingKey {
            case standardsSubscriptions = "StandardsSubscriptions"
        }
    }

    public struct BatchEnableStandardsRequest: AWSEncodableShape {
        /// The list of standards checks to enable.
        public let standardsSubscriptionRequests: [StandardsSubscriptionRequest]

        public init(standardsSubscriptionRequests: [StandardsSubscriptionRequest]) {
            self.standardsSubscriptionRequests = standardsSubscriptionRequests
        }

        public func validate(name: String) throws {
            try self.standardsSubscriptionRequests.forEach {
                try $0.validate(name: "\(name).standardsSubscriptionRequests[]")
            }
            try self.validate(self.standardsSubscriptionRequests, name: "standardsSubscriptionRequests", parent: name, max: 25)
            try self.validate(self.standardsSubscriptionRequests, name: "standardsSubscriptionRequests", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case standardsSubscriptionRequests = "StandardsSubscriptionRequests"
        }
    }

    public struct BatchEnableStandardsResponse: AWSDecodableShape {
        /// The details of the standards subscriptions that were enabled.
        public let standardsSubscriptions: [StandardsSubscription]?

        public init(standardsSubscriptions: [StandardsSubscription]? = nil) {
            self.standardsSubscriptions = standardsSubscriptions
        }

        private enum CodingKeys: String, CodingKey {
            case standardsSubscriptions = "StandardsSubscriptions"
        }
    }

    public struct BatchImportFindingsRequest: AWSEncodableShape {
        /// A list of findings to import. To successfully import a finding, it must follow the AWS Security Finding Format. Maximum of 100 findings per request.
        public let findings: [AwsSecurityFinding]

        public init(findings: [AwsSecurityFinding]) {
            self.findings = findings
        }

        public func validate(name: String) throws {
            try self.findings.forEach {
                try $0.validate(name: "\(name).findings[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case findings = "Findings"
        }
    }

    public struct BatchImportFindingsResponse: AWSDecodableShape {
        /// The number of findings that failed to import.
        public let failedCount: Int
        /// The list of findings that failed to import.
        public let failedFindings: [ImportFindingsError]?
        /// The number of findings that were successfully imported.
        public let successCount: Int

        public init(failedCount: Int, failedFindings: [ImportFindingsError]? = nil, successCount: Int) {
            self.failedCount = failedCount
            self.failedFindings = failedFindings
            self.successCount = successCount
        }

        private enum CodingKeys: String, CodingKey {
            case failedCount = "FailedCount"
            case failedFindings = "FailedFindings"
            case successCount = "SuccessCount"
        }
    }

    public struct BatchUpdateFindingsRequest: AWSEncodableShape {
        /// The updated value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
        public let confidence: Int?
        /// The updated value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
        public let criticality: Int?
        /// The list of findings to update. BatchUpdateFindings can be used to update up to 100 findings at a time. For each finding, the list provides the finding identifier and the ARN of the finding provider.
        public let findingIdentifiers: [AwsSecurityFindingIdentifier]
        public let note: NoteUpdate?
        /// A list of findings that are related to the updated findings.
        public let relatedFindings: [RelatedFinding]?
        /// Used to update the finding severity.
        public let severity: SeverityUpdate?
        /// One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are as follows.   Software and Configuration Checks   TTPs   Effects   Unusual Behaviors   Sensitive Data Identifications
        public let types: [String]?
        /// A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
        public let userDefinedFields: [String: String]?
        /// Indicates the veracity of a finding. The available values for VerificationState are as follows.    UNKNOWN – The default disposition of a security finding    TRUE_POSITIVE – The security finding is confirmed    FALSE_POSITIVE – The security finding was determined to be a false alarm    BENIGN_POSITIVE – A special case of TRUE_POSITIVE where the finding doesn't pose any threat, is expected, or both
        public let verificationState: VerificationState?
        /// Used to update the workflow status of a finding. The workflow status indicates the progress of the investigation into the finding.
        public let workflow: WorkflowUpdate?

        public init(confidence: Int? = nil, criticality: Int? = nil, findingIdentifiers: [AwsSecurityFindingIdentifier], note: NoteUpdate? = nil, relatedFindings: [RelatedFinding]? = nil, severity: SeverityUpdate? = nil, types: [String]? = nil, userDefinedFields: [String: String]? = nil, verificationState: VerificationState? = nil, workflow: WorkflowUpdate? = nil) {
            self.confidence = confidence
            self.criticality = criticality
            self.findingIdentifiers = findingIdentifiers
            self.note = note
            self.relatedFindings = relatedFindings
            self.severity = severity
            self.types = types
            self.userDefinedFields = userDefinedFields
            self.verificationState = verificationState
            self.workflow = workflow
        }

        public func validate(name: String) throws {
            try self.validate(self.confidence, name: "confidence", parent: name, max: 100)
            try self.validate(self.confidence, name: "confidence", parent: name, min: 0)
            try self.validate(self.criticality, name: "criticality", parent: name, max: 100)
            try self.validate(self.criticality, name: "criticality", parent: name, min: 0)
            try self.findingIdentifiers.forEach {
                try $0.validate(name: "\(name).findingIdentifiers[]")
            }
            try self.note?.validate(name: "\(name).note")
            try self.relatedFindings?.forEach {
                try $0.validate(name: "\(name).relatedFindings[]")
            }
            try self.severity?.validate(name: "\(name).severity")
            try self.types?.forEach {
                try validate($0, name: "types[]", parent: name, pattern: ".*\\S.*")
            }
            try self.userDefinedFields?.forEach {
                try validate($0.key, name: "userDefinedFields.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "userDefinedFields[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case confidence = "Confidence"
            case criticality = "Criticality"
            case findingIdentifiers = "FindingIdentifiers"
            case note = "Note"
            case relatedFindings = "RelatedFindings"
            case severity = "Severity"
            case types = "Types"
            case userDefinedFields = "UserDefinedFields"
            case verificationState = "VerificationState"
            case workflow = "Workflow"
        }
    }

    public struct BatchUpdateFindingsResponse: AWSDecodableShape {
        /// The list of findings that were updated successfully.
        public let processedFindings: [AwsSecurityFindingIdentifier]
        /// The list of findings that were not updated.
        public let unprocessedFindings: [BatchUpdateFindingsUnprocessedFinding]

        public init(processedFindings: [AwsSecurityFindingIdentifier], unprocessedFindings: [BatchUpdateFindingsUnprocessedFinding]) {
            self.processedFindings = processedFindings
            self.unprocessedFindings = unprocessedFindings
        }

        private enum CodingKeys: String, CodingKey {
            case processedFindings = "ProcessedFindings"
            case unprocessedFindings = "UnprocessedFindings"
        }
    }

    public struct BatchUpdateFindingsUnprocessedFinding: AWSDecodableShape {
        /// The code associated with the error.
        public let errorCode: String
        /// The message associated with the error.
        public let errorMessage: String
        /// The identifier of the finding that was not updated.
        public let findingIdentifier: AwsSecurityFindingIdentifier

        public init(errorCode: String, errorMessage: String, findingIdentifier: AwsSecurityFindingIdentifier) {
            self.errorCode = errorCode
            self.errorMessage = errorMessage
            self.findingIdentifier = findingIdentifier
        }

        private enum CodingKeys: String, CodingKey {
            case errorCode = "ErrorCode"
            case errorMessage = "ErrorMessage"
            case findingIdentifier = "FindingIdentifier"
        }
    }

    public struct CidrBlockAssociation: AWSEncodableShape & AWSDecodableShape {
        /// The association ID for the IPv4 CIDR block.
        public let associationId: String?
        /// The IPv4 CIDR block.
        public let cidrBlock: String?
        /// Information about the state of the IPv4 CIDR block.
        public let cidrBlockState: String?

        public init(associationId: String? = nil, cidrBlock: String? = nil, cidrBlockState: String? = nil) {
            self.associationId = associationId
            self.cidrBlock = cidrBlock
            self.cidrBlockState = cidrBlockState
        }

        public func validate(name: String) throws {
            try self.validate(self.associationId, name: "associationId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.cidrBlock, name: "cidrBlock", parent: name, pattern: ".*\\S.*")
            try self.validate(self.cidrBlockState, name: "cidrBlockState", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case associationId = "AssociationId"
            case cidrBlock = "CidrBlock"
            case cidrBlockState = "CidrBlockState"
        }
    }

    public struct City: AWSEncodableShape & AWSDecodableShape {
        /// The name of the city.
        public let cityName: String?

        public init(cityName: String? = nil) {
            self.cityName = cityName
        }

        public func validate(name: String) throws {
            try self.validate(self.cityName, name: "cityName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cityName = "CityName"
        }
    }

    public struct Compliance: AWSEncodableShape & AWSDecodableShape {
        /// For a control, the industry or regulatory framework requirements that are related to the control. The check for that control is aligned with these requirements.
        public let relatedRequirements: [String]?
        /// The result of a standards check. The valid values for Status are as follows.      PASSED - Standards check passed for all evaluated resources.    WARNING - Some information is missing or this check is not supported for your configuration.    FAILED - Standards check failed for at least one evaluated resource.    NOT_AVAILABLE - Check could not be performed due to a service outage, API error, or because the result of the AWS Config evaluation was NOT_APPLICABLE. If the AWS Config evaluation result was NOT_APPLICABLE, then after 3 days, Security Hub automatically archives the finding.
        public let status: ComplianceStatus?
        /// For findings generated from controls, a list of reasons behind the value of Status. For the list of status reason codes and their meanings, see Standards-related information in the ASFF in the AWS Security Hub User Guide.
        public let statusReasons: [StatusReason]?

        public init(relatedRequirements: [String]? = nil, status: ComplianceStatus? = nil, statusReasons: [StatusReason]? = nil) {
            self.relatedRequirements = relatedRequirements
            self.status = status
            self.statusReasons = statusReasons
        }

        public func validate(name: String) throws {
            try self.relatedRequirements?.forEach {
                try validate($0, name: "relatedRequirements[]", parent: name, pattern: ".*\\S.*")
            }
            try self.statusReasons?.forEach {
                try $0.validate(name: "\(name).statusReasons[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case relatedRequirements = "RelatedRequirements"
            case status = "Status"
            case statusReasons = "StatusReasons"
        }
    }

    public struct ContainerDetails: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the image related to a finding.
        public let imageId: String?
        /// The name of the image related to a finding.
        public let imageName: String?
        /// Indicates when the container started. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let launchedAt: String?
        /// The name of the container related to a finding.
        public let name: String?

        public init(imageId: String? = nil, imageName: String? = nil, launchedAt: String? = nil, name: String? = nil) {
            self.imageId = imageId
            self.imageName = imageName
            self.launchedAt = launchedAt
            self.name = name
        }

        public func validate(name: String) throws {
            try self.validate(self.imageId, name: "imageId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.imageName, name: "imageName", parent: name, pattern: ".*\\S.*")
            try self.validate(self.launchedAt, name: "launchedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case imageId = "ImageId"
            case imageName = "ImageName"
            case launchedAt = "LaunchedAt"
            case name = "Name"
        }
    }

    public struct Country: AWSEncodableShape & AWSDecodableShape {
        /// The 2-letter ISO 3166 country code for the country.
        public let countryCode: String?
        /// The name of the country.
        public let countryName: String?

        public init(countryCode: String? = nil, countryName: String? = nil) {
            self.countryCode = countryCode
            self.countryName = countryName
        }

        public func validate(name: String) throws {
            try self.validate(self.countryCode, name: "countryCode", parent: name, pattern: ".*\\S.*")
            try self.validate(self.countryName, name: "countryName", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case countryCode = "CountryCode"
            case countryName = "CountryName"
        }
    }

    public struct CreateActionTargetRequest: AWSEncodableShape {
        /// The description for the custom action target.
        public let description: String
        /// The ID for the custom action target.
        public let id: String
        /// The name of the custom action target.
        public let name: String

        public init(description: String, id: String, name: String) {
            self.description = description
            self.id = id
            self.name = name
        }

        public func validate(name: String) throws {
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case id = "Id"
            case name = "Name"
        }
    }

    public struct CreateActionTargetResponse: AWSDecodableShape {
        /// The ARN for the custom action target.
        public let actionTargetArn: String

        public init(actionTargetArn: String) {
            self.actionTargetArn = actionTargetArn
        }

        private enum CodingKeys: String, CodingKey {
            case actionTargetArn = "ActionTargetArn"
        }
    }

    public struct CreateInsightRequest: AWSEncodableShape {
        /// One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters.
        public let filters: AwsSecurityFindingFilters
        /// The attribute used to group the findings for the insight. The grouping attribute identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.
        public let groupByAttribute: String
        /// The name of the custom insight to create.
        public let name: String

        public init(filters: AwsSecurityFindingFilters, groupByAttribute: String, name: String) {
            self.filters = filters
            self.groupByAttribute = groupByAttribute
            self.name = name
        }

        public func validate(name: String) throws {
            try self.filters.validate(name: "\(name).filters")
            try self.validate(self.groupByAttribute, name: "groupByAttribute", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case groupByAttribute = "GroupByAttribute"
            case name = "Name"
        }
    }

    public struct CreateInsightResponse: AWSDecodableShape {
        /// The ARN of the insight created.
        public let insightArn: String

        public init(insightArn: String) {
            self.insightArn = insightArn
        }

        private enum CodingKeys: String, CodingKey {
            case insightArn = "InsightArn"
        }
    }

    public struct CreateMembersRequest: AWSEncodableShape {
        /// The list of accounts to associate with the Security Hub master account. For each account, the list includes the account ID and optionally the email address.
        public let accountDetails: [AccountDetails]

        public init(accountDetails: [AccountDetails]) {
            self.accountDetails = accountDetails
        }

        public func validate(name: String) throws {
            try self.accountDetails.forEach {
                try $0.validate(name: "\(name).accountDetails[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountDetails = "AccountDetails"
        }
    }

    public struct CreateMembersResponse: AWSDecodableShape {
        /// The list of AWS accounts that were not processed. For each account, the list includes the account ID and the email address.
        public let unprocessedAccounts: [Result]?

        public init(unprocessedAccounts: [Result]? = nil) {
            self.unprocessedAccounts = unprocessedAccounts
        }

        private enum CodingKeys: String, CodingKey {
            case unprocessedAccounts = "UnprocessedAccounts"
        }
    }

    public struct Cvss: AWSEncodableShape & AWSDecodableShape {
        /// The base CVSS score.
        public let baseScore: Double?
        /// The base scoring vector for the CVSS score.
        public let baseVector: String?
        /// The version of CVSS for the CVSS score.
        public let version: String?

        public init(baseScore: Double? = nil, baseVector: String? = nil, version: String? = nil) {
            self.baseScore = baseScore
            self.baseVector = baseVector
            self.version = version
        }

        public func validate(name: String) throws {
            try self.validate(self.baseVector, name: "baseVector", parent: name, pattern: ".*\\S.*")
            try self.validate(self.version, name: "version", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case baseScore = "BaseScore"
            case baseVector = "BaseVector"
            case version = "Version"
        }
    }

    public struct DateFilter: AWSEncodableShape & AWSDecodableShape {
        /// A date range for the date filter.
        public let dateRange: DateRange?
        /// An end date for the date filter.
        public let end: String?
        /// A start date for the date filter.
        public let start: String?

        public init(dateRange: DateRange? = nil, end: String? = nil, start: String? = nil) {
            self.dateRange = dateRange
            self.end = end
            self.start = start
        }

        public func validate(name: String) throws {
            try self.validate(self.end, name: "end", parent: name, pattern: ".*\\S.*")
            try self.validate(self.start, name: "start", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case dateRange = "DateRange"
            case end = "End"
            case start = "Start"
        }
    }

    public struct DateRange: AWSEncodableShape & AWSDecodableShape {
        /// A date range unit for the date filter.
        public let unit: DateRangeUnit?
        /// A date range value for the date filter.
        public let value: Int?

        public init(unit: DateRangeUnit? = nil, value: Int? = nil) {
            self.unit = unit
            self.value = value
        }

        private enum CodingKeys: String, CodingKey {
            case unit = "Unit"
            case value = "Value"
        }
    }

    public struct DeclineInvitationsRequest: AWSEncodableShape {
        /// The list of account IDs for the accounts from which to decline the invitations to Security Hub.
        public let accountIds: [String]

        public init(accountIds: [String]) {
            self.accountIds = accountIds
        }

        public func validate(name: String) throws {
            try self.accountIds.forEach {
                try validate($0, name: "accountIds[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountIds = "AccountIds"
        }
    }

    public struct DeclineInvitationsResponse: AWSDecodableShape {
        /// The list of AWS accounts that were not processed. For each account, the list includes the account ID and the email address.
        public let unprocessedAccounts: [Result]?

        public init(unprocessedAccounts: [Result]? = nil) {
            self.unprocessedAccounts = unprocessedAccounts
        }

        private enum CodingKeys: String, CodingKey {
            case unprocessedAccounts = "UnprocessedAccounts"
        }
    }

    public struct DeleteActionTargetRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "actionTargetArn", location: .uri(locationName: "ActionTargetArn"))
        ]

        /// The ARN of the custom action target to delete.
        public let actionTargetArn: String

        public init(actionTargetArn: String) {
            self.actionTargetArn = actionTargetArn
        }

        public func validate(name: String) throws {
            try self.validate(self.actionTargetArn, name: "actionTargetArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteActionTargetResponse: AWSDecodableShape {
        /// The ARN of the custom action target that was deleted.
        public let actionTargetArn: String

        public init(actionTargetArn: String) {
            self.actionTargetArn = actionTargetArn
        }

        private enum CodingKeys: String, CodingKey {
            case actionTargetArn = "ActionTargetArn"
        }
    }

    public struct DeleteInsightRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "insightArn", location: .uri(locationName: "InsightArn"))
        ]

        /// The ARN of the insight to delete.
        public let insightArn: String

        public init(insightArn: String) {
            self.insightArn = insightArn
        }

        public func validate(name: String) throws {
            try self.validate(self.insightArn, name: "insightArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteInsightResponse: AWSDecodableShape {
        /// The ARN of the insight that was deleted.
        public let insightArn: String

        public init(insightArn: String) {
            self.insightArn = insightArn
        }

        private enum CodingKeys: String, CodingKey {
            case insightArn = "InsightArn"
        }
    }

    public struct DeleteInvitationsRequest: AWSEncodableShape {
        /// The list of the account IDs that sent the invitations to delete.
        public let accountIds: [String]

        public init(accountIds: [String]) {
            self.accountIds = accountIds
        }

        public func validate(name: String) throws {
            try self.accountIds.forEach {
                try validate($0, name: "accountIds[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountIds = "AccountIds"
        }
    }

    public struct DeleteInvitationsResponse: AWSDecodableShape {
        /// The list of AWS accounts for which the invitations were not deleted. For each account, the list includes the account ID and the email address.
        public let unprocessedAccounts: [Result]?

        public init(unprocessedAccounts: [Result]? = nil) {
            self.unprocessedAccounts = unprocessedAccounts
        }

        private enum CodingKeys: String, CodingKey {
            case unprocessedAccounts = "UnprocessedAccounts"
        }
    }

    public struct DeleteMembersRequest: AWSEncodableShape {
        /// The list of account IDs for the member accounts to delete.
        public let accountIds: [String]

        public init(accountIds: [String]) {
            self.accountIds = accountIds
        }

        public func validate(name: String) throws {
            try self.accountIds.forEach {
                try validate($0, name: "accountIds[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountIds = "AccountIds"
        }
    }

    public struct DeleteMembersResponse: AWSDecodableShape {
        /// The list of AWS accounts that were not deleted. For each account, the list includes the account ID and the email address.
        public let unprocessedAccounts: [Result]?

        public init(unprocessedAccounts: [Result]? = nil) {
            self.unprocessedAccounts = unprocessedAccounts
        }

        private enum CodingKeys: String, CodingKey {
            case unprocessedAccounts = "UnprocessedAccounts"
        }
    }

    public struct DescribeActionTargetsRequest: AWSEncodableShape {
        /// A list of custom action target ARNs for the custom action targets to retrieve.
        public let actionTargetArns: [String]?
        /// The maximum number of results to return.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the DescribeActionTargets operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?

        public init(actionTargetArns: [String]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.actionTargetArns = actionTargetArns
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.actionTargetArns?.forEach {
                try validate($0, name: "actionTargetArns[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case actionTargetArns = "ActionTargetArns"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct DescribeActionTargetsResponse: AWSDecodableShape {
        /// A list of ActionTarget objects. Each object includes the ActionTargetArn, Description, and Name of a custom action target available in Security Hub.
        public let actionTargets: [ActionTarget]
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(actionTargets: [ActionTarget], nextToken: String? = nil) {
            self.actionTargets = actionTargets
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case actionTargets = "ActionTargets"
            case nextToken = "NextToken"
        }
    }

    public struct DescribeHubRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "hubArn", location: .querystring(locationName: "HubArn"))
        ]

        /// The ARN of the Hub resource to retrieve.
        public let hubArn: String?

        public init(hubArn: String? = nil) {
            self.hubArn = hubArn
        }

        public func validate(name: String) throws {
            try self.validate(self.hubArn, name: "hubArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeHubResponse: AWSDecodableShape {
        /// Whether to automatically enable new controls when they are added to standards that are enabled. If set to true, then new controls for enabled standards are enabled automatically. If set to false, then new controls are not enabled.
        public let autoEnableControls: Bool?
        /// The ARN of the Hub resource that was retrieved.
        public let hubArn: String?
        /// The date and time when Security Hub was enabled in the account.
        public let subscribedAt: String?

        public init(autoEnableControls: Bool? = nil, hubArn: String? = nil, subscribedAt: String? = nil) {
            self.autoEnableControls = autoEnableControls
            self.hubArn = hubArn
            self.subscribedAt = subscribedAt
        }

        private enum CodingKeys: String, CodingKey {
            case autoEnableControls = "AutoEnableControls"
            case hubArn = "HubArn"
            case subscribedAt = "SubscribedAt"
        }
    }

    public struct DescribeOrganizationConfigurationRequest: AWSEncodableShape {
        public init() {}
    }

    public struct DescribeOrganizationConfigurationResponse: AWSDecodableShape {
        /// Whether to automatically enable Security Hub for new accounts in the organization. If set to true, then Security Hub is enabled for new accounts. If set to false, then new accounts are not added automatically.
        public let autoEnable: Bool?
        /// Whether the maximum number of allowed member accounts are already associated with the Security Hub administrator account.
        public let memberAccountLimitReached: Bool?

        public init(autoEnable: Bool? = nil, memberAccountLimitReached: Bool? = nil) {
            self.autoEnable = autoEnable
            self.memberAccountLimitReached = memberAccountLimitReached
        }

        private enum CodingKeys: String, CodingKey {
            case autoEnable = "AutoEnable"
            case memberAccountLimitReached = "MemberAccountLimitReached"
        }
    }

    public struct DescribeProductsRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken")),
            AWSMemberEncoding(label: "productArn", location: .querystring(locationName: "ProductArn"))
        ]

        /// The maximum number of results to return.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the DescribeProducts operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?
        /// The ARN of the integration to return.
        public let productArn: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil, productArn: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.productArn = productArn
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.productArn, name: "productArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeProductsResponse: AWSDecodableShape {
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?
        /// A list of products, including details for each product.
        public let products: [Product]

        public init(nextToken: String? = nil, products: [Product]) {
            self.nextToken = nextToken
            self.products = products
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case products = "Products"
        }
    }

    public struct DescribeStandardsControlsRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken")),
            AWSMemberEncoding(label: "standardsSubscriptionArn", location: .uri(locationName: "StandardsSubscriptionArn"))
        ]

        /// The maximum number of security standard controls to return.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the DescribeStandardsControls operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?
        /// The ARN of a resource that represents your subscription to a supported standard. To get the subscription ARNs of the standards you have enabled, use the  GetEnabledStandards  operation.
        public let standardsSubscriptionArn: String

        public init(maxResults: Int? = nil, nextToken: String? = nil, standardsSubscriptionArn: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.standardsSubscriptionArn = standardsSubscriptionArn
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.standardsSubscriptionArn, name: "standardsSubscriptionArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeStandardsControlsResponse: AWSDecodableShape {
        /// A list of security standards controls.
        public let controls: [StandardsControl]?
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(controls: [StandardsControl]? = nil, nextToken: String? = nil) {
            self.controls = controls
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case controls = "Controls"
            case nextToken = "NextToken"
        }
    }

    public struct DescribeStandardsRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken"))
        ]

        /// The maximum number of standards to return.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the DescribeStandards operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeStandardsResponse: AWSDecodableShape {
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?
        /// A list of available standards.
        public let standards: [Standard]?

        public init(nextToken: String? = nil, standards: [Standard]? = nil) {
            self.nextToken = nextToken
            self.standards = standards
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case standards = "Standards"
        }
    }

    public struct DisableImportFindingsForProductRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "productSubscriptionArn", location: .uri(locationName: "ProductSubscriptionArn"))
        ]

        /// The ARN of the integrated product to disable the integration for.
        public let productSubscriptionArn: String

        public init(productSubscriptionArn: String) {
            self.productSubscriptionArn = productSubscriptionArn
        }

        public func validate(name: String) throws {
            try self.validate(self.productSubscriptionArn, name: "productSubscriptionArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DisableImportFindingsForProductResponse: AWSDecodableShape {
        public init() {}
    }

    public struct DisableOrganizationAdminAccountRequest: AWSEncodableShape {
        /// The AWS account identifier of the Security Hub administrator account.
        public let adminAccountId: String

        public init(adminAccountId: String) {
            self.adminAccountId = adminAccountId
        }

        public func validate(name: String) throws {
            try self.validate(self.adminAccountId, name: "adminAccountId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case adminAccountId = "AdminAccountId"
        }
    }

    public struct DisableOrganizationAdminAccountResponse: AWSDecodableShape {
        public init() {}
    }

    public struct DisableSecurityHubRequest: AWSEncodableShape {
        public init() {}
    }

    public struct DisableSecurityHubResponse: AWSDecodableShape {
        public init() {}
    }

    public struct DisassociateFromMasterAccountRequest: AWSEncodableShape {
        public init() {}
    }

    public struct DisassociateFromMasterAccountResponse: AWSDecodableShape {
        public init() {}
    }

    public struct DisassociateMembersRequest: AWSEncodableShape {
        /// The account IDs of the member accounts to disassociate from the master account.
        public let accountIds: [String]

        public init(accountIds: [String]) {
            self.accountIds = accountIds
        }

        public func validate(name: String) throws {
            try self.accountIds.forEach {
                try validate($0, name: "accountIds[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountIds = "AccountIds"
        }
    }

    public struct DisassociateMembersResponse: AWSDecodableShape {
        public init() {}
    }

    public struct DnsRequestAction: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether the DNS request was blocked.
        public let blocked: Bool?
        /// The DNS domain that is associated with the DNS request.
        public let domain: String?
        /// The protocol that was used for the DNS request.
        public let `protocol`: String?

        public init(blocked: Bool? = nil, domain: String? = nil, protocol: String? = nil) {
            self.blocked = blocked
            self.domain = domain
            self.`protocol` = `protocol`
        }

        public func validate(name: String) throws {
            try self.validate(self.domain, name: "domain", parent: name, pattern: ".*\\S.*")
            try self.validate(self.`protocol`, name: "`protocol`", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case blocked = "Blocked"
            case domain = "Domain"
            case `protocol` = "Protocol"
        }
    }

    public struct EnableImportFindingsForProductRequest: AWSEncodableShape {
        /// The ARN of the product to enable the integration for.
        public let productArn: String

        public init(productArn: String) {
            self.productArn = productArn
        }

        public func validate(name: String) throws {
            try self.validate(self.productArn, name: "productArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case productArn = "ProductArn"
        }
    }

    public struct EnableImportFindingsForProductResponse: AWSDecodableShape {
        /// The ARN of your subscription to the product to enable integrations for.
        public let productSubscriptionArn: String?

        public init(productSubscriptionArn: String? = nil) {
            self.productSubscriptionArn = productSubscriptionArn
        }

        private enum CodingKeys: String, CodingKey {
            case productSubscriptionArn = "ProductSubscriptionArn"
        }
    }

    public struct EnableOrganizationAdminAccountRequest: AWSEncodableShape {
        /// The AWS account identifier of the account to designate as the Security Hub administrator account.
        public let adminAccountId: String

        public init(adminAccountId: String) {
            self.adminAccountId = adminAccountId
        }

        public func validate(name: String) throws {
            try self.validate(self.adminAccountId, name: "adminAccountId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case adminAccountId = "AdminAccountId"
        }
    }

    public struct EnableOrganizationAdminAccountResponse: AWSDecodableShape {
        public init() {}
    }

    public struct EnableSecurityHubRequest: AWSEncodableShape {
        /// Whether to enable the security standards that Security Hub has designated as automatically enabled. If you do not provide a value for EnableDefaultStandards, it is set to true. To not enable the automatically enabled standards, set EnableDefaultStandards to false.
        public let enableDefaultStandards: Bool?
        /// The tags to add to the hub resource when you enable Security Hub.
        public let tags: [String: String]?

        public init(enableDefaultStandards: Bool? = nil, tags: [String: String]? = nil) {
            self.enableDefaultStandards = enableDefaultStandards
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.tags?.forEach {
                try validate($0.key, name: "tags.key", parent: name, max: 128)
                try validate($0.key, name: "tags.key", parent: name, min: 1)
                try validate($0.key, name: "tags.key", parent: name, pattern: "^(?!aws:)[a-zA-Z+-=._:/]+$")
                try validate($0.value, name: "tags[\"\($0.key)\"]", parent: name, max: 256)
            }
        }

        private enum CodingKeys: String, CodingKey {
            case enableDefaultStandards = "EnableDefaultStandards"
            case tags = "Tags"
        }
    }

    public struct EnableSecurityHubResponse: AWSDecodableShape {
        public init() {}
    }

    public struct GeoLocation: AWSEncodableShape & AWSDecodableShape {
        /// The latitude of the location.
        public let lat: Double?
        /// The longitude of the location.
        public let lon: Double?

        public init(lat: Double? = nil, lon: Double? = nil) {
            self.lat = lat
            self.lon = lon
        }

        private enum CodingKeys: String, CodingKey {
            case lat = "Lat"
            case lon = "Lon"
        }
    }

    public struct GetEnabledStandardsRequest: AWSEncodableShape {
        /// The maximum number of results to return in the response.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the GetEnabledStandards operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?
        /// The list of the standards subscription ARNs for the standards to retrieve.
        public let standardsSubscriptionArns: [String]?

        public init(maxResults: Int? = nil, nextToken: String? = nil, standardsSubscriptionArns: [String]? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.standardsSubscriptionArns = standardsSubscriptionArns
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.standardsSubscriptionArns?.forEach {
                try validate($0, name: "standardsSubscriptionArns[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.standardsSubscriptionArns, name: "standardsSubscriptionArns", parent: name, max: 25)
            try self.validate(self.standardsSubscriptionArns, name: "standardsSubscriptionArns", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case standardsSubscriptionArns = "StandardsSubscriptionArns"
        }
    }

    public struct GetEnabledStandardsResponse: AWSDecodableShape {
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?
        /// The list of StandardsSubscriptions objects that include information about the enabled standards.
        public let standardsSubscriptions: [StandardsSubscription]?

        public init(nextToken: String? = nil, standardsSubscriptions: [StandardsSubscription]? = nil) {
            self.nextToken = nextToken
            self.standardsSubscriptions = standardsSubscriptions
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case standardsSubscriptions = "StandardsSubscriptions"
        }
    }

    public struct GetFindingsRequest: AWSEncodableShape {
        /// The finding attributes used to define a condition to filter the returned findings. You can filter by up to 10 finding attributes. For each attribute, you can provide up to 20 filter values. Note that in the available filter fields, WorkflowState is deprecated. To search for a finding based on its workflow status, use WorkflowStatus.
        public let filters: AwsSecurityFindingFilters?
        /// The maximum number of findings to return.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the GetFindings operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?
        /// The finding attributes used to sort the list of returned findings.
        public let sortCriteria: [SortCriterion]?

        public init(filters: AwsSecurityFindingFilters? = nil, maxResults: Int? = nil, nextToken: String? = nil, sortCriteria: [SortCriterion]? = nil) {
            self.filters = filters
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.sortCriteria = sortCriteria
        }

        public func validate(name: String) throws {
            try self.filters?.validate(name: "\(name).filters")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.sortCriteria?.forEach {
                try $0.validate(name: "\(name).sortCriteria[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case sortCriteria = "SortCriteria"
        }
    }

    public struct GetFindingsResponse: AWSDecodableShape {
        /// The findings that matched the filters specified in the request.
        public let findings: [AwsSecurityFinding]
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(findings: [AwsSecurityFinding], nextToken: String? = nil) {
            self.findings = findings
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case findings = "Findings"
            case nextToken = "NextToken"
        }
    }

    public struct GetInsightResultsRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "insightArn", location: .uri(locationName: "InsightArn"))
        ]

        /// The ARN of the insight for which to return results.
        public let insightArn: String

        public init(insightArn: String) {
            self.insightArn = insightArn
        }

        public func validate(name: String) throws {
            try self.validate(self.insightArn, name: "insightArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetInsightResultsResponse: AWSDecodableShape {
        /// The insight results returned by the operation.
        public let insightResults: InsightResults

        public init(insightResults: InsightResults) {
            self.insightResults = insightResults
        }

        private enum CodingKeys: String, CodingKey {
            case insightResults = "InsightResults"
        }
    }

    public struct GetInsightsRequest: AWSEncodableShape {
        /// The ARNs of the insights to describe. If you do not provide any insight ARNs, then GetInsights returns all of your custom insights. It does not return any managed insights.
        public let insightArns: [String]?
        /// The maximum number of items to return in the response.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the GetInsights operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?

        public init(insightArns: [String]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.insightArns = insightArns
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.insightArns?.forEach {
                try validate($0, name: "insightArns[]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case insightArns = "InsightArns"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct GetInsightsResponse: AWSDecodableShape {
        /// The insights returned by the operation.
        public let insights: [Insight]
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(insights: [Insight], nextToken: String? = nil) {
            self.insights = insights
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case insights = "Insights"
            case nextToken = "NextToken"
        }
    }

    public struct GetInvitationsCountRequest: AWSEncodableShape {
        public init() {}
    }

    public struct GetInvitationsCountResponse: AWSDecodableShape {
        /// The number of all membership invitations sent to this Security Hub member account, not including the currently accepted invitation.
        public let invitationsCount: Int?

        public init(invitationsCount: Int? = nil) {
            self.invitationsCount = invitationsCount
        }

        private enum CodingKeys: String, CodingKey {
            case invitationsCount = "InvitationsCount"
        }
    }

    public struct GetMasterAccountRequest: AWSEncodableShape {
        public init() {}
    }

    public struct GetMasterAccountResponse: AWSDecodableShape {
        /// A list of details about the Security Hub master account for the current member account.
        public let master: Invitation?

        public init(master: Invitation? = nil) {
            self.master = master
        }

        private enum CodingKeys: String, CodingKey {
            case master = "Master"
        }
    }

    public struct GetMembersRequest: AWSEncodableShape {
        /// The list of account IDs for the Security Hub member accounts to return the details for.
        public let accountIds: [String]

        public init(accountIds: [String]) {
            self.accountIds = accountIds
        }

        public func validate(name: String) throws {
            try self.accountIds.forEach {
                try validate($0, name: "accountIds[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountIds = "AccountIds"
        }
    }

    public struct GetMembersResponse: AWSDecodableShape {
        /// The list of details about the Security Hub member accounts.
        public let members: [Member]?
        /// The list of AWS accounts that could not be processed. For each account, the list includes the account ID and the email address.
        public let unprocessedAccounts: [Result]?

        public init(members: [Member]? = nil, unprocessedAccounts: [Result]? = nil) {
            self.members = members
            self.unprocessedAccounts = unprocessedAccounts
        }

        private enum CodingKeys: String, CodingKey {
            case members = "Members"
            case unprocessedAccounts = "UnprocessedAccounts"
        }
    }

    public struct ImportFindingsError: AWSDecodableShape {
        /// The code of the error returned by the BatchImportFindings operation.
        public let errorCode: String
        /// The message of the error returned by the BatchImportFindings operation.
        public let errorMessage: String
        /// The identifier of the finding that could not be updated.
        public let id: String

        public init(errorCode: String, errorMessage: String, id: String) {
            self.errorCode = errorCode
            self.errorMessage = errorMessage
            self.id = id
        }

        private enum CodingKeys: String, CodingKey {
            case errorCode = "ErrorCode"
            case errorMessage = "ErrorMessage"
            case id = "Id"
        }
    }

    public struct Insight: AWSDecodableShape {
        /// One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters.
        public let filters: AwsSecurityFindingFilters
        /// The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.
        public let groupByAttribute: String
        /// The ARN of a Security Hub insight.
        public let insightArn: String
        /// The name of a Security Hub insight.
        public let name: String

        public init(filters: AwsSecurityFindingFilters, groupByAttribute: String, insightArn: String, name: String) {
            self.filters = filters
            self.groupByAttribute = groupByAttribute
            self.insightArn = insightArn
            self.name = name
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case groupByAttribute = "GroupByAttribute"
            case insightArn = "InsightArn"
            case name = "Name"
        }
    }

    public struct InsightResultValue: AWSDecodableShape {
        /// The number of findings returned for each GroupByAttributeValue.
        public let count: Int
        /// The value of the attribute that the findings are grouped by for the insight whose results are returned by the GetInsightResults operation.
        public let groupByAttributeValue: String

        public init(count: Int, groupByAttributeValue: String) {
            self.count = count
            self.groupByAttributeValue = groupByAttributeValue
        }

        private enum CodingKeys: String, CodingKey {
            case count = "Count"
            case groupByAttributeValue = "GroupByAttributeValue"
        }
    }

    public struct InsightResults: AWSDecodableShape {
        /// The attribute that the findings are grouped by for the insight whose results are returned by the GetInsightResults operation.
        public let groupByAttribute: String
        /// The ARN of the insight whose results are returned by the GetInsightResults operation.
        public let insightArn: String
        /// The list of insight result values returned by the GetInsightResults operation.
        public let resultValues: [InsightResultValue]

        public init(groupByAttribute: String, insightArn: String, resultValues: [InsightResultValue]) {
            self.groupByAttribute = groupByAttribute
            self.insightArn = insightArn
            self.resultValues = resultValues
        }

        private enum CodingKeys: String, CodingKey {
            case groupByAttribute = "GroupByAttribute"
            case insightArn = "InsightArn"
            case resultValues = "ResultValues"
        }
    }

    public struct Invitation: AWSDecodableShape {
        /// The account ID of the Security Hub master account that the invitation was sent from.
        public let accountId: String?
        /// The ID of the invitation sent to the member account.
        public let invitationId: String?
        /// The timestamp of when the invitation was sent.
        @OptionalCustomCoding<ISO8601DateCoder>
        public var invitedAt: Date?
        /// The current status of the association between the member and master accounts.
        public let memberStatus: String?

        public init(accountId: String? = nil, invitationId: String? = nil, invitedAt: Date? = nil, memberStatus: String? = nil) {
            self.accountId = accountId
            self.invitationId = invitationId
            self.invitedAt = invitedAt
            self.memberStatus = memberStatus
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case invitationId = "InvitationId"
            case invitedAt = "InvitedAt"
            case memberStatus = "MemberStatus"
        }
    }

    public struct InviteMembersRequest: AWSEncodableShape {
        /// The list of account IDs of the AWS accounts to invite to Security Hub as members.
        public let accountIds: [String]

        public init(accountIds: [String]) {
            self.accountIds = accountIds
        }

        public func validate(name: String) throws {
            try self.accountIds.forEach {
                try validate($0, name: "accountIds[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case accountIds = "AccountIds"
        }
    }

    public struct InviteMembersResponse: AWSDecodableShape {
        /// The list of AWS accounts that could not be processed. For each account, the list includes the account ID and the email address.
        public let unprocessedAccounts: [Result]?

        public init(unprocessedAccounts: [Result]? = nil) {
            self.unprocessedAccounts = unprocessedAccounts
        }

        private enum CodingKeys: String, CodingKey {
            case unprocessedAccounts = "UnprocessedAccounts"
        }
    }

    public struct IpFilter: AWSEncodableShape & AWSDecodableShape {
        /// A finding's CIDR value.
        public let cidr: String?

        public init(cidr: String? = nil) {
            self.cidr = cidr
        }

        public func validate(name: String) throws {
            try self.validate(self.cidr, name: "cidr", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case cidr = "Cidr"
        }
    }

    public struct IpOrganizationDetails: AWSEncodableShape & AWSDecodableShape {
        /// The Autonomous System Number (ASN) of the internet provider
        public let asn: Int?
        /// The name of the organization that registered the ASN.
        public let asnOrg: String?
        /// The ISP information for the internet provider.
        public let isp: String?
        /// The name of the internet provider.
        public let org: String?

        public init(asn: Int? = nil, asnOrg: String? = nil, isp: String? = nil, org: String? = nil) {
            self.asn = asn
            self.asnOrg = asnOrg
            self.isp = isp
            self.org = org
        }

        public func validate(name: String) throws {
            try self.validate(self.asnOrg, name: "asnOrg", parent: name, pattern: ".*\\S.*")
            try self.validate(self.isp, name: "isp", parent: name, pattern: ".*\\S.*")
            try self.validate(self.org, name: "org", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case asn = "Asn"
            case asnOrg = "AsnOrg"
            case isp = "Isp"
            case org = "Org"
        }
    }

    public struct Ipv6CidrBlockAssociation: AWSEncodableShape & AWSDecodableShape {
        /// The association ID for the IPv6 CIDR block.
        public let associationId: String?
        /// Information about the state of the CIDR block.
        public let cidrBlockState: String?
        /// The IPv6 CIDR block.
        public let ipv6CidrBlock: String?

        public init(associationId: String? = nil, cidrBlockState: String? = nil, ipv6CidrBlock: String? = nil) {
            self.associationId = associationId
            self.cidrBlockState = cidrBlockState
            self.ipv6CidrBlock = ipv6CidrBlock
        }

        public func validate(name: String) throws {
            try self.validate(self.associationId, name: "associationId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.cidrBlockState, name: "cidrBlockState", parent: name, pattern: ".*\\S.*")
            try self.validate(self.ipv6CidrBlock, name: "ipv6CidrBlock", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case associationId = "AssociationId"
            case cidrBlockState = "CidrBlockState"
            case ipv6CidrBlock = "Ipv6CidrBlock"
        }
    }

    public struct KeywordFilter: AWSEncodableShape & AWSDecodableShape {
        /// A value for the keyword.
        public let value: String?

        public init(value: String? = nil) {
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.value, name: "value", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case value = "Value"
        }
    }

    public struct ListEnabledProductsForImportRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken"))
        ]

        /// The maximum number of items to return in the response.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the ListEnabledProductsForImport operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 100)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListEnabledProductsForImportResponse: AWSDecodableShape {
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?
        /// The list of ARNs for the resources that represent your subscriptions to products.
        public let productSubscriptions: [String]?

        public init(nextToken: String? = nil, productSubscriptions: [String]? = nil) {
            self.nextToken = nextToken
            self.productSubscriptions = productSubscriptions
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case productSubscriptions = "ProductSubscriptions"
        }
    }

    public struct ListInvitationsRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken"))
        ]

        /// The maximum number of items to return in the response.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the ListInvitations operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 50)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListInvitationsResponse: AWSDecodableShape {
        /// The details of the invitations returned by the operation.
        public let invitations: [Invitation]?
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(invitations: [Invitation]? = nil, nextToken: String? = nil) {
            self.invitations = invitations
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case invitations = "Invitations"
            case nextToken = "NextToken"
        }
    }

    public struct ListMembersRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken")),
            AWSMemberEncoding(label: "onlyAssociated", location: .querystring(locationName: "OnlyAssociated"))
        ]

        /// The maximum number of items to return in the response.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the ListMembers operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?
        /// Specifies which member accounts to include in the response based on their relationship status with the master account. The default value is TRUE. If OnlyAssociated is set to TRUE, the response includes member accounts whose relationship status with the master is set to ENABLED. If OnlyAssociated is set to FALSE, the response includes all existing member accounts.
        public let onlyAssociated: Bool?

        public init(maxResults: Int? = nil, nextToken: String? = nil, onlyAssociated: Bool? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.onlyAssociated = onlyAssociated
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 50)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListMembersResponse: AWSDecodableShape {
        /// Member details returned by the operation.
        public let members: [Member]?
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(members: [Member]? = nil, nextToken: String? = nil) {
            self.members = members
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case members = "Members"
            case nextToken = "NextToken"
        }
    }

    public struct ListOrganizationAdminAccountsRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "maxResults", location: .querystring(locationName: "MaxResults")),
            AWSMemberEncoding(label: "nextToken", location: .querystring(locationName: "NextToken"))
        ]

        /// The maximum number of items to return in the response.
        public let maxResults: Int?
        /// The token that is required for pagination. On your first call to the ListOrganizationAdminAccounts operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 10)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListOrganizationAdminAccountsResponse: AWSDecodableShape {
        /// The list of Security Hub administrator accounts.
        public let adminAccounts: [AdminAccount]?
        /// The pagination token to use to request the next page of results.
        public let nextToken: String?

        public init(adminAccounts: [AdminAccount]? = nil, nextToken: String? = nil) {
            self.adminAccounts = adminAccounts
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case adminAccounts = "AdminAccounts"
            case nextToken = "NextToken"
        }
    }

    public struct ListTagsForResourceRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "resourceArn", location: .uri(locationName: "ResourceArn"))
        ]

        /// The ARN of the resource to retrieve tags for.
        public let resourceArn: String

        public init(resourceArn: String) {
            self.resourceArn = resourceArn
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, pattern: "^arn:aws:securityhub:.*")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListTagsForResourceResponse: AWSDecodableShape {
        /// The tags associated with a resource.
        public let tags: [String: String]?

        public init(tags: [String: String]? = nil) {
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct LoadBalancerState: AWSEncodableShape & AWSDecodableShape {
        /// The state code. The initial state of the load balancer is provisioning. After the load balancer is fully set up and ready to route traffic, its state is active. If the load balancer could not be set up, its state is failed.
        public let code: String?
        /// A description of the state.
        public let reason: String?

        public init(code: String? = nil, reason: String? = nil) {
            self.code = code
            self.reason = reason
        }

        public func validate(name: String) throws {
            try self.validate(self.code, name: "code", parent: name, pattern: ".*\\S.*")
            try self.validate(self.reason, name: "reason", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case code = "Code"
            case reason = "Reason"
        }
    }

    public struct Malware: AWSEncodableShape & AWSDecodableShape {
        /// The name of the malware that was observed.
        public let name: String
        /// The file system path of the malware that was observed.
        public let path: String?
        /// The state of the malware that was observed.
        public let state: MalwareState?
        /// The type of the malware that was observed.
        public let type: MalwareType?

        public init(name: String, path: String? = nil, state: MalwareState? = nil, type: MalwareType? = nil) {
            self.name = name
            self.path = path
            self.state = state
            self.type = type
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case path = "Path"
            case state = "State"
            case type = "Type"
        }
    }

    public struct MapFilter: AWSEncodableShape & AWSDecodableShape {
        /// The condition to apply to the key value when querying for findings with a map filter. To search for values that exactly match the filter value, use EQUALS. For example, for the ResourceTags field, the filter Department EQUALS Security matches findings that have the value Security for the tag Department. To search for values other than the filter value, use NOT_EQUALS. For example, for the ResourceTags field, the filter Department NOT_EQUALS Finance matches findings that do not have the value Finance for the tag Department.  EQUALS filters on the same field are joined by OR. A finding matches if it matches any one of those filters.  NOT_EQUALS filters on the same field are joined by AND. A finding matches only if it matches all of those filters. You cannot have both an EQUALS filter and a NOT_EQUALS filter on the same field.
        public let comparison: MapFilterComparison?
        /// The key of the map filter. For example, for ResourceTags, Key identifies the name of the tag. For UserDefinedFields, Key is the name of the field.
        public let key: String?
        /// The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called Department might be Security. If you provide security as the filter value, then there is no match.
        public let value: String?

        public init(comparison: MapFilterComparison? = nil, key: String? = nil, value: String? = nil) {
            self.comparison = comparison
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, pattern: ".*\\S.*")
            try self.validate(self.value, name: "value", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case comparison = "Comparison"
            case key = "Key"
            case value = "Value"
        }
    }

    public struct Member: AWSDecodableShape {
        /// The AWS account ID of the member account.
        public let accountId: String?
        /// The email address of the member account.
        public let email: String?
        /// A timestamp for the date and time when the invitation was sent to the member account.
        @OptionalCustomCoding<ISO8601DateCoder>
        public var invitedAt: Date?
        /// The AWS account ID of the Security Hub master account associated with this member account.
        public let masterId: String?
        /// The status of the relationship between the member account and its master account.  The status can have one of the following values:    CREATED - Indicates that the master account added the member account, but has not yet invited the member account.    INVITED - Indicates that the master account invited the member account. The member account has not yet responded to the invitation.    ENABLED - Indicates that the member account is currently active. For manually invited member accounts, indicates that the member account accepted the invitation.    REMOVED - Indicates that the master account disassociated the member account.    RESIGNED - Indicates that the member account disassociated themselves from the master account.    DELETED - Indicates that the master account deleted the member account.
        public let memberStatus: String?
        /// The timestamp for the date and time when the member account was updated.
        @OptionalCustomCoding<ISO8601DateCoder>
        public var updatedAt: Date?

        public init(accountId: String? = nil, email: String? = nil, invitedAt: Date? = nil, masterId: String? = nil, memberStatus: String? = nil, updatedAt: Date? = nil) {
            self.accountId = accountId
            self.email = email
            self.invitedAt = invitedAt
            self.masterId = masterId
            self.memberStatus = memberStatus
            self.updatedAt = updatedAt
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case email = "Email"
            case invitedAt = "InvitedAt"
            case masterId = "MasterId"
            case memberStatus = "MemberStatus"
            case updatedAt = "UpdatedAt"
        }
    }

    public struct Network: AWSEncodableShape & AWSDecodableShape {
        /// The destination domain of network-related information about a finding.
        public let destinationDomain: String?
        /// The destination IPv4 address of network-related information about a finding.
        public let destinationIpV4: String?
        /// The destination IPv6 address of network-related information about a finding.
        public let destinationIpV6: String?
        /// The destination port of network-related information about a finding.
        public let destinationPort: Int?
        /// The direction of network traffic associated with a finding.
        public let direction: NetworkDirection?
        /// The range of open ports that is present on the network.
        public let openPortRange: PortRange?
        /// The protocol of network-related information about a finding.
        public let `protocol`: String?
        /// The source domain of network-related information about a finding.
        public let sourceDomain: String?
        /// The source IPv4 address of network-related information about a finding.
        public let sourceIpV4: String?
        /// The source IPv6 address of network-related information about a finding.
        public let sourceIpV6: String?
        /// The source media access control (MAC) address of network-related information about a finding.
        public let sourceMac: String?
        /// The source port of network-related information about a finding.
        public let sourcePort: Int?

        public init(destinationDomain: String? = nil, destinationIpV4: String? = nil, destinationIpV6: String? = nil, destinationPort: Int? = nil, direction: NetworkDirection? = nil, openPortRange: PortRange? = nil, protocol: String? = nil, sourceDomain: String? = nil, sourceIpV4: String? = nil, sourceIpV6: String? = nil, sourceMac: String? = nil, sourcePort: Int? = nil) {
            self.destinationDomain = destinationDomain
            self.destinationIpV4 = destinationIpV4
            self.destinationIpV6 = destinationIpV6
            self.destinationPort = destinationPort
            self.direction = direction
            self.openPortRange = openPortRange
            self.`protocol` = `protocol`
            self.sourceDomain = sourceDomain
            self.sourceIpV4 = sourceIpV4
            self.sourceIpV6 = sourceIpV6
            self.sourceMac = sourceMac
            self.sourcePort = sourcePort
        }

        public func validate(name: String) throws {
            try self.validate(self.destinationDomain, name: "destinationDomain", parent: name, pattern: ".*\\S.*")
            try self.validate(self.destinationIpV4, name: "destinationIpV4", parent: name, pattern: ".*\\S.*")
            try self.validate(self.destinationIpV6, name: "destinationIpV6", parent: name, pattern: ".*\\S.*")
            try self.validate(self.`protocol`, name: "`protocol`", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceDomain, name: "sourceDomain", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceIpV4, name: "sourceIpV4", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceIpV6, name: "sourceIpV6", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceMac, name: "sourceMac", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case destinationDomain = "DestinationDomain"
            case destinationIpV4 = "DestinationIpV4"
            case destinationIpV6 = "DestinationIpV6"
            case destinationPort = "DestinationPort"
            case direction = "Direction"
            case openPortRange = "OpenPortRange"
            case `protocol` = "Protocol"
            case sourceDomain = "SourceDomain"
            case sourceIpV4 = "SourceIpV4"
            case sourceIpV6 = "SourceIpV6"
            case sourceMac = "SourceMac"
            case sourcePort = "SourcePort"
        }
    }

    public struct NetworkConnectionAction: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether the network connection attempt was blocked.
        public let blocked: Bool?
        /// The direction of the network connection request (IN or OUT).
        public let connectionDirection: String?
        /// Information about the port on the EC2 instance.
        public let localPortDetails: ActionLocalPortDetails?
        /// The protocol used to make the network connection request.
        public let `protocol`: String?
        /// Information about the remote IP address that issued the network connection request.
        public let remoteIpDetails: ActionRemoteIpDetails?
        /// Information about the port on the remote IP address.
        public let remotePortDetails: ActionRemotePortDetails?

        public init(blocked: Bool? = nil, connectionDirection: String? = nil, localPortDetails: ActionLocalPortDetails? = nil, protocol: String? = nil, remoteIpDetails: ActionRemoteIpDetails? = nil, remotePortDetails: ActionRemotePortDetails? = nil) {
            self.blocked = blocked
            self.connectionDirection = connectionDirection
            self.localPortDetails = localPortDetails
            self.`protocol` = `protocol`
            self.remoteIpDetails = remoteIpDetails
            self.remotePortDetails = remotePortDetails
        }

        public func validate(name: String) throws {
            try self.validate(self.connectionDirection, name: "connectionDirection", parent: name, pattern: ".*\\S.*")
            try self.localPortDetails?.validate(name: "\(name).localPortDetails")
            try self.validate(self.`protocol`, name: "`protocol`", parent: name, pattern: ".*\\S.*")
            try self.remoteIpDetails?.validate(name: "\(name).remoteIpDetails")
            try self.remotePortDetails?.validate(name: "\(name).remotePortDetails")
        }

        private enum CodingKeys: String, CodingKey {
            case blocked = "Blocked"
            case connectionDirection = "ConnectionDirection"
            case localPortDetails = "LocalPortDetails"
            case `protocol` = "Protocol"
            case remoteIpDetails = "RemoteIpDetails"
            case remotePortDetails = "RemotePortDetails"
        }
    }

    public struct NetworkHeader: AWSEncodableShape & AWSDecodableShape {
        /// Information about the destination of the component.
        public let destination: NetworkPathComponentDetails?
        /// The protocol used for the component.
        public let `protocol`: String?
        /// Information about the origin of the component.
        public let source: NetworkPathComponentDetails?

        public init(destination: NetworkPathComponentDetails? = nil, protocol: String? = nil, source: NetworkPathComponentDetails? = nil) {
            self.destination = destination
            self.`protocol` = `protocol`
            self.source = source
        }

        public func validate(name: String) throws {
            try self.destination?.validate(name: "\(name).destination")
            try self.validate(self.`protocol`, name: "`protocol`", parent: name, pattern: ".*\\S.*")
            try self.source?.validate(name: "\(name).source")
        }

        private enum CodingKeys: String, CodingKey {
            case destination = "Destination"
            case `protocol` = "Protocol"
            case source = "Source"
        }
    }

    public struct NetworkPathComponent: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of a component in the network path.
        public let componentId: String?
        /// The type of component.
        public let componentType: String?
        /// Information about the component that comes after the current component in the network path.
        public let egress: NetworkHeader?
        /// Information about the component that comes before the current node in the network path.
        public let ingress: NetworkHeader?

        public init(componentId: String? = nil, componentType: String? = nil, egress: NetworkHeader? = nil, ingress: NetworkHeader? = nil) {
            self.componentId = componentId
            self.componentType = componentType
            self.egress = egress
            self.ingress = ingress
        }

        public func validate(name: String) throws {
            try self.validate(self.componentId, name: "componentId", parent: name, pattern: ".*\\S.*")
            try self.validate(self.componentType, name: "componentType", parent: name, pattern: ".*\\S.*")
            try self.egress?.validate(name: "\(name).egress")
            try self.ingress?.validate(name: "\(name).ingress")
        }

        private enum CodingKeys: String, CodingKey {
            case componentId = "ComponentId"
            case componentType = "ComponentType"
            case egress = "Egress"
            case ingress = "Ingress"
        }
    }

    public struct NetworkPathComponentDetails: AWSEncodableShape & AWSDecodableShape {
        /// The IP addresses of the destination.
        public let address: [String]?
        /// A list of port ranges for the destination.
        public let portRanges: [PortRange]?

        public init(address: [String]? = nil, portRanges: [PortRange]? = nil) {
            self.address = address
            self.portRanges = portRanges
        }

        public func validate(name: String) throws {
            try self.address?.forEach {
                try validate($0, name: "address[]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case address = "Address"
            case portRanges = "PortRanges"
        }
    }

    public struct Note: AWSEncodableShape & AWSDecodableShape {
        /// The text of a note.
        public let text: String
        /// The timestamp of when the note was updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let updatedAt: String
        /// The principal that created a note.
        public let updatedBy: String

        public init(text: String, updatedAt: String, updatedBy: String) {
            self.text = text
            self.updatedAt = updatedAt
            self.updatedBy = updatedBy
        }

        public func validate(name: String) throws {
            try self.validate(self.text, name: "text", parent: name, pattern: ".*\\S.*")
            try self.validate(self.updatedAt, name: "updatedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.updatedBy, name: "updatedBy", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case text = "Text"
            case updatedAt = "UpdatedAt"
            case updatedBy = "UpdatedBy"
        }
    }

    public struct NoteUpdate: AWSEncodableShape {
        /// The updated note text.
        public let text: String
        /// The principal that updated the note.
        public let updatedBy: String

        public init(text: String, updatedBy: String) {
            self.text = text
            self.updatedBy = updatedBy
        }

        public func validate(name: String) throws {
            try self.validate(self.text, name: "text", parent: name, pattern: ".*\\S.*")
            try self.validate(self.updatedBy, name: "updatedBy", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case text = "Text"
            case updatedBy = "UpdatedBy"
        }
    }

    public struct NumberFilter: AWSEncodableShape & AWSDecodableShape {
        /// The equal-to condition to be applied to a single field when querying for findings.
        public let eq: Double?
        /// The greater-than-equal condition to be applied to a single field when querying for findings.
        public let gte: Double?
        /// The less-than-equal condition to be applied to a single field when querying for findings.
        public let lte: Double?

        public init(eq: Double? = nil, gte: Double? = nil, lte: Double? = nil) {
            self.eq = eq
            self.gte = gte
            self.lte = lte
        }

        private enum CodingKeys: String, CodingKey {
            case eq = "Eq"
            case gte = "Gte"
            case lte = "Lte"
        }
    }

    public struct PatchSummary: AWSEncodableShape & AWSDecodableShape {
        /// The number of patches from the compliance standard that failed to install.
        public let failedCount: Int?
        /// The identifier of the compliance standard that was used to determine the patch compliance status.
        public let id: String
        /// The number of patches from the compliance standard that were installed successfully.
        public let installedCount: Int?
        /// The number of installed patches that are not part of the compliance standard.
        public let installedOtherCount: Int?
        /// The number of patches that were applied, but that require the instance to be rebooted in order to be marked as installed.
        public let installedPendingReboot: Int?
        /// The number of patches that are installed but are also on a list of patches that the customer rejected.
        public let installedRejectedCount: Int?
        /// The number of patches that are part of the compliance standard but are not installed. The count includes patches that failed to install.
        public let missingCount: Int?
        /// The type of patch operation performed. For Patch Manager, the values are SCAN and INSTALL.
        public let operation: String?
        /// Indicates when the operation completed. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let operationEndTime: String?
        /// Indicates when the operation started. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let operationStartTime: String?
        /// The reboot option specified for the instance.
        public let rebootOption: String?

        public init(failedCount: Int? = nil, id: String, installedCount: Int? = nil, installedOtherCount: Int? = nil, installedPendingReboot: Int? = nil, installedRejectedCount: Int? = nil, missingCount: Int? = nil, operation: String? = nil, operationEndTime: String? = nil, operationStartTime: String? = nil, rebootOption: String? = nil) {
            self.failedCount = failedCount
            self.id = id
            self.installedCount = installedCount
            self.installedOtherCount = installedOtherCount
            self.installedPendingReboot = installedPendingReboot
            self.installedRejectedCount = installedRejectedCount
            self.missingCount = missingCount
            self.operation = operation
            self.operationEndTime = operationEndTime
            self.operationStartTime = operationStartTime
            self.rebootOption = rebootOption
        }

        public func validate(name: String) throws {
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.operation, name: "operation", parent: name, pattern: ".*\\S.*")
            try self.validate(self.operationEndTime, name: "operationEndTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.operationStartTime, name: "operationStartTime", parent: name, pattern: ".*\\S.*")
            try self.validate(self.rebootOption, name: "rebootOption", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case failedCount = "FailedCount"
            case id = "Id"
            case installedCount = "InstalledCount"
            case installedOtherCount = "InstalledOtherCount"
            case installedPendingReboot = "InstalledPendingReboot"
            case installedRejectedCount = "InstalledRejectedCount"
            case missingCount = "MissingCount"
            case operation = "Operation"
            case operationEndTime = "OperationEndTime"
            case operationStartTime = "OperationStartTime"
            case rebootOption = "RebootOption"
        }
    }

    public struct PortProbeAction: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether the port probe was blocked.
        public let blocked: Bool?
        /// Information about the ports affected by the port probe.
        public let portProbeDetails: [PortProbeDetail]?

        public init(blocked: Bool? = nil, portProbeDetails: [PortProbeDetail]? = nil) {
            self.blocked = blocked
            self.portProbeDetails = portProbeDetails
        }

        public func validate(name: String) throws {
            try self.portProbeDetails?.forEach {
                try $0.validate(name: "\(name).portProbeDetails[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case blocked = "Blocked"
            case portProbeDetails = "PortProbeDetails"
        }
    }

    public struct PortProbeDetail: AWSEncodableShape & AWSDecodableShape {
        /// Provides information about the IP address where the scanned port is located.
        public let localIpDetails: ActionLocalIpDetails?
        /// Provides information about the port that was scanned.
        public let localPortDetails: ActionLocalPortDetails?
        /// Provides information about the remote IP address that performed the scan.
        public let remoteIpDetails: ActionRemoteIpDetails?

        public init(localIpDetails: ActionLocalIpDetails? = nil, localPortDetails: ActionLocalPortDetails? = nil, remoteIpDetails: ActionRemoteIpDetails? = nil) {
            self.localIpDetails = localIpDetails
            self.localPortDetails = localPortDetails
            self.remoteIpDetails = remoteIpDetails
        }

        public func validate(name: String) throws {
            try self.localIpDetails?.validate(name: "\(name).localIpDetails")
            try self.localPortDetails?.validate(name: "\(name).localPortDetails")
            try self.remoteIpDetails?.validate(name: "\(name).remoteIpDetails")
        }

        private enum CodingKeys: String, CodingKey {
            case localIpDetails = "LocalIpDetails"
            case localPortDetails = "LocalPortDetails"
            case remoteIpDetails = "RemoteIpDetails"
        }
    }

    public struct PortRange: AWSEncodableShape & AWSDecodableShape {
        /// The first port in the port range.
        public let begin: Int?
        /// The last port in the port range.
        public let end: Int?

        public init(begin: Int? = nil, end: Int? = nil) {
            self.begin = begin
            self.end = end
        }

        private enum CodingKeys: String, CodingKey {
            case begin = "Begin"
            case end = "End"
        }
    }

    public struct ProcessDetails: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when the process was launched. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let launchedAt: String?
        /// The name of the process.
        public let name: String?
        /// The parent process ID.
        public let parentPid: Int?
        /// The path to the process executable.
        public let path: String?
        /// The process ID.
        public let pid: Int?
        /// Indicates when the process was terminated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let terminatedAt: String?

        public init(launchedAt: String? = nil, name: String? = nil, parentPid: Int? = nil, path: String? = nil, pid: Int? = nil, terminatedAt: String? = nil) {
            self.launchedAt = launchedAt
            self.name = name
            self.parentPid = parentPid
            self.path = path
            self.pid = pid
            self.terminatedAt = terminatedAt
        }

        public func validate(name: String) throws {
            try self.validate(self.launchedAt, name: "launchedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.path, name: "path", parent: name, pattern: ".*\\S.*")
            try self.validate(self.terminatedAt, name: "terminatedAt", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case launchedAt = "LaunchedAt"
            case name = "Name"
            case parentPid = "ParentPid"
            case path = "Path"
            case pid = "Pid"
            case terminatedAt = "TerminatedAt"
        }
    }

    public struct Product: AWSDecodableShape {
        /// The URL used to activate the product.
        public let activationUrl: String?
        /// The categories assigned to the product.
        public let categories: [String]?
        /// The name of the company that provides the product.
        public let companyName: String?
        /// A description of the product.
        public let description: String?
        /// The types of integration that the product supports. Available values are the following.    SEND_FINDINGS_TO_SECURITY_HUB - Indicates that the integration sends findings to Security Hub.    RECEIVE_FINDINGS_FROM_SECURITY_HUB - Indicates that the integration receives findings from Security Hub.
        public let integrationTypes: [IntegrationType]?
        /// The URL for the page that contains more information about the product.
        public let marketplaceUrl: String?
        /// The ARN assigned to the product.
        public let productArn: String
        /// The name of the product.
        public let productName: String?
        /// The resource policy associated with the product.
        public let productSubscriptionResourcePolicy: String?

        public init(activationUrl: String? = nil, categories: [String]? = nil, companyName: String? = nil, description: String? = nil, integrationTypes: [IntegrationType]? = nil, marketplaceUrl: String? = nil, productArn: String, productName: String? = nil, productSubscriptionResourcePolicy: String? = nil) {
            self.activationUrl = activationUrl
            self.categories = categories
            self.companyName = companyName
            self.description = description
            self.integrationTypes = integrationTypes
            self.marketplaceUrl = marketplaceUrl
            self.productArn = productArn
            self.productName = productName
            self.productSubscriptionResourcePolicy = productSubscriptionResourcePolicy
        }

        private enum CodingKeys: String, CodingKey {
            case activationUrl = "ActivationUrl"
            case categories = "Categories"
            case companyName = "CompanyName"
            case description = "Description"
            case integrationTypes = "IntegrationTypes"
            case marketplaceUrl = "MarketplaceUrl"
            case productArn = "ProductArn"
            case productName = "ProductName"
            case productSubscriptionResourcePolicy = "ProductSubscriptionResourcePolicy"
        }
    }

    public struct Recommendation: AWSEncodableShape & AWSDecodableShape {
        /// Describes the recommended steps to take to remediate an issue identified in a finding.
        public let text: String?
        /// A URL to a page or site that contains information about how to remediate a finding.
        public let url: String?

        public init(text: String? = nil, url: String? = nil) {
            self.text = text
            self.url = url
        }

        public func validate(name: String) throws {
            try self.validate(self.text, name: "text", parent: name, pattern: ".*\\S.*")
            try self.validate(self.url, name: "url", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case text = "Text"
            case url = "Url"
        }
    }

    public struct RelatedFinding: AWSEncodableShape & AWSDecodableShape {
        /// The product-generated identifier for a related finding.
        public let id: String
        /// The ARN of the product that generated a related finding.
        public let productArn: String

        public init(id: String, productArn: String) {
            self.id = id
            self.productArn = productArn
        }

        public func validate(name: String) throws {
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.productArn, name: "productArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case id = "Id"
            case productArn = "ProductArn"
        }
    }

    public struct Remediation: AWSEncodableShape & AWSDecodableShape {
        /// A recommendation on the steps to take to remediate the issue identified by a finding.
        public let recommendation: Recommendation?

        public init(recommendation: Recommendation? = nil) {
            self.recommendation = recommendation
        }

        public func validate(name: String) throws {
            try self.recommendation?.validate(name: "\(name).recommendation")
        }

        private enum CodingKeys: String, CodingKey {
            case recommendation = "Recommendation"
        }
    }

    public struct Resource: AWSEncodableShape & AWSDecodableShape {
        /// Additional details about the resource related to a finding.
        public let details: ResourceDetails?
        /// The canonical identifier for the given resource type.
        public let id: String
        /// The canonical AWS partition name that the Region is assigned to.
        public let partition: Partition?
        /// The canonical AWS external Region name where this resource is located.
        public let region: String?
        /// Identifies the role of the resource in the finding. A resource is either the actor or target of the finding activity,
        public let resourceRole: String?
        /// A list of AWS tags associated with a resource at the time the finding was processed.
        public let tags: [String: String]?
        /// The type of the resource that details are provided for. If possible, set Type to one of the supported resource types. For example, if the resource is an EC2 instance, then set Type to AwsEc2Instance. If the resource does not match any of the provided types, then set Type to Other.
        public let type: String

        public init(details: ResourceDetails? = nil, id: String, partition: Partition? = nil, region: String? = nil, resourceRole: String? = nil, tags: [String: String]? = nil, type: String) {
            self.details = details
            self.id = id
            self.partition = partition
            self.region = region
            self.resourceRole = resourceRole
            self.tags = tags
            self.type = type
        }

        public func validate(name: String) throws {
            try self.details?.validate(name: "\(name).details")
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.validate(self.region, name: "region", parent: name, pattern: ".*\\S.*")
            try self.validate(self.resourceRole, name: "resourceRole", parent: name, pattern: ".*\\S.*")
            try self.tags?.forEach {
                try validate($0.key, name: "tags.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "tags[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case details = "Details"
            case id = "Id"
            case partition = "Partition"
            case region = "Region"
            case resourceRole = "ResourceRole"
            case tags = "Tags"
            case type = "Type"
        }
    }

    public struct ResourceDetails: AWSEncodableShape & AWSDecodableShape {
        /// Provides information about a REST API in version 1 of Amazon API Gateway.
        public let awsApiGatewayRestApi: AwsApiGatewayRestApiDetails?
        /// Provides information about a version 1 Amazon API Gateway stage.
        public let awsApiGatewayStage: AwsApiGatewayStageDetails?
        /// Provides information about a version 2 API in Amazon API Gateway.
        public let awsApiGatewayV2Api: AwsApiGatewayV2ApiDetails?
        /// Provides information about a version 2 stage for Amazon API Gateway.
        public let awsApiGatewayV2Stage: AwsApiGatewayV2StageDetails?
        /// Details for an autoscaling group.
        public let awsAutoScalingAutoScalingGroup: AwsAutoScalingAutoScalingGroupDetails?
        /// Provides details about an AWS Certificate Manager (ACM) certificate.
        public let awsCertificateManagerCertificate: AwsCertificateManagerCertificateDetails?
        /// Details about a CloudFront distribution.
        public let awsCloudFrontDistribution: AwsCloudFrontDistributionDetails?
        /// Provides details about a CloudTrail trail.
        public let awsCloudTrailTrail: AwsCloudTrailTrailDetails?
        /// Details for an AWS CodeBuild project.
        public let awsCodeBuildProject: AwsCodeBuildProjectDetails?
        /// Details about a DynamoDB table.
        public let awsDynamoDbTable: AwsDynamoDbTableDetails?
        /// Details about an Elastic IP address.
        public let awsEc2Eip: AwsEc2EipDetails?
        /// Details about an Amazon EC2 instance related to a finding.
        public let awsEc2Instance: AwsEc2InstanceDetails?
        /// Details for an Amazon EC2 network interface.
        public let awsEc2NetworkInterface: AwsEc2NetworkInterfaceDetails?
        /// Details for an EC2 security group.
        public let awsEc2SecurityGroup: AwsEc2SecurityGroupDetails?
        /// Details for an EC2 volume.
        public let awsEc2Volume: AwsEc2VolumeDetails?
        /// Details for an EC2 VPC.
        public let awsEc2Vpc: AwsEc2VpcDetails?
        /// Details for an Elasticsearch domain.
        public let awsElasticsearchDomain: AwsElasticsearchDomainDetails?
        /// contains details about a Classic Load Balancer.
        public let awsElbLoadBalancer: AwsElbLoadBalancerDetails?
        /// Details about a load balancer.
        public let awsElbv2LoadBalancer: AwsElbv2LoadBalancerDetails?
        /// Details about an IAM access key related to a finding.
        public let awsIamAccessKey: AwsIamAccessKeyDetails?
        /// Contains details about an IAM group.
        public let awsIamGroup: AwsIamGroupDetails?
        /// Details about an IAM permissions policy.
        public let awsIamPolicy: AwsIamPolicyDetails?
        /// Details about an IAM role.
        public let awsIamRole: AwsIamRoleDetails?
        /// Details about an IAM user.
        public let awsIamUser: AwsIamUserDetails?
        /// Details about a KMS key.
        public let awsKmsKey: AwsKmsKeyDetails?
        /// Details about a Lambda function.
        public let awsLambdaFunction: AwsLambdaFunctionDetails?
        /// Details for a Lambda layer version.
        public let awsLambdaLayerVersion: AwsLambdaLayerVersionDetails?
        /// Details about an Amazon RDS database cluster.
        public let awsRdsDbCluster: AwsRdsDbClusterDetails?
        /// Details about an Amazon RDS database cluster snapshot.
        public let awsRdsDbClusterSnapshot: AwsRdsDbClusterSnapshotDetails?
        /// Details about an Amazon RDS database instance.
        public let awsRdsDbInstance: AwsRdsDbInstanceDetails?
        /// Details about an Amazon RDS database snapshot.
        public let awsRdsDbSnapshot: AwsRdsDbSnapshotDetails?
        /// Contains details about an Amazon Redshift cluster.
        public let awsRedshiftCluster: AwsRedshiftClusterDetails?
        /// Details about an Amazon S3 bucket related to a finding.
        public let awsS3Bucket: AwsS3BucketDetails?
        /// Details about an Amazon S3 object related to a finding.
        public let awsS3Object: AwsS3ObjectDetails?
        /// Details about a Secrets Manager secret.
        public let awsSecretsManagerSecret: AwsSecretsManagerSecretDetails?
        /// Details about an SNS topic.
        public let awsSnsTopic: AwsSnsTopicDetails?
        /// Details about an SQS queue.
        public let awsSqsQueue: AwsSqsQueueDetails?
        /// Provides information about the state of a patch on an instance based on the patch baseline that was used to patch the instance.
        public let awsSsmPatchCompliance: AwsSsmPatchComplianceDetails?
        /// Details for a WAF WebACL.
        public let awsWafWebAcl: AwsWafWebAclDetails?
        /// Details about a container resource related to a finding.
        public let container: ContainerDetails?
        /// Details about a resource that are not available in a type-specific details object. Use the Other object in the following cases.   The type-specific object does not contain all of the fields that you want to populate. In this case, first use the type-specific object to populate those fields. Use the Other object to populate the fields that are missing from the type-specific object.   The resource type does not have a corresponding object. This includes resources for which the type is Other.
        public let other: [String: String]?

        public init(awsApiGatewayRestApi: AwsApiGatewayRestApiDetails? = nil, awsApiGatewayStage: AwsApiGatewayStageDetails? = nil, awsApiGatewayV2Api: AwsApiGatewayV2ApiDetails? = nil, awsApiGatewayV2Stage: AwsApiGatewayV2StageDetails? = nil, awsAutoScalingAutoScalingGroup: AwsAutoScalingAutoScalingGroupDetails? = nil, awsCertificateManagerCertificate: AwsCertificateManagerCertificateDetails? = nil, awsCloudFrontDistribution: AwsCloudFrontDistributionDetails? = nil, awsCloudTrailTrail: AwsCloudTrailTrailDetails? = nil, awsCodeBuildProject: AwsCodeBuildProjectDetails? = nil, awsDynamoDbTable: AwsDynamoDbTableDetails? = nil, awsEc2Eip: AwsEc2EipDetails? = nil, awsEc2Instance: AwsEc2InstanceDetails? = nil, awsEc2NetworkInterface: AwsEc2NetworkInterfaceDetails? = nil, awsEc2SecurityGroup: AwsEc2SecurityGroupDetails? = nil, awsEc2Volume: AwsEc2VolumeDetails? = nil, awsEc2Vpc: AwsEc2VpcDetails? = nil, awsElasticsearchDomain: AwsElasticsearchDomainDetails? = nil, awsElbLoadBalancer: AwsElbLoadBalancerDetails? = nil, awsElbv2LoadBalancer: AwsElbv2LoadBalancerDetails? = nil, awsIamAccessKey: AwsIamAccessKeyDetails? = nil, awsIamGroup: AwsIamGroupDetails? = nil, awsIamPolicy: AwsIamPolicyDetails? = nil, awsIamRole: AwsIamRoleDetails? = nil, awsIamUser: AwsIamUserDetails? = nil, awsKmsKey: AwsKmsKeyDetails? = nil, awsLambdaFunction: AwsLambdaFunctionDetails? = nil, awsLambdaLayerVersion: AwsLambdaLayerVersionDetails? = nil, awsRdsDbCluster: AwsRdsDbClusterDetails? = nil, awsRdsDbClusterSnapshot: AwsRdsDbClusterSnapshotDetails? = nil, awsRdsDbInstance: AwsRdsDbInstanceDetails? = nil, awsRdsDbSnapshot: AwsRdsDbSnapshotDetails? = nil, awsRedshiftCluster: AwsRedshiftClusterDetails? = nil, awsS3Bucket: AwsS3BucketDetails? = nil, awsS3Object: AwsS3ObjectDetails? = nil, awsSecretsManagerSecret: AwsSecretsManagerSecretDetails? = nil, awsSnsTopic: AwsSnsTopicDetails? = nil, awsSqsQueue: AwsSqsQueueDetails? = nil, awsSsmPatchCompliance: AwsSsmPatchComplianceDetails? = nil, awsWafWebAcl: AwsWafWebAclDetails? = nil, container: ContainerDetails? = nil, other: [String: String]? = nil) {
            self.awsApiGatewayRestApi = awsApiGatewayRestApi
            self.awsApiGatewayStage = awsApiGatewayStage
            self.awsApiGatewayV2Api = awsApiGatewayV2Api
            self.awsApiGatewayV2Stage = awsApiGatewayV2Stage
            self.awsAutoScalingAutoScalingGroup = awsAutoScalingAutoScalingGroup
            self.awsCertificateManagerCertificate = awsCertificateManagerCertificate
            self.awsCloudFrontDistribution = awsCloudFrontDistribution
            self.awsCloudTrailTrail = awsCloudTrailTrail
            self.awsCodeBuildProject = awsCodeBuildProject
            self.awsDynamoDbTable = awsDynamoDbTable
            self.awsEc2Eip = awsEc2Eip
            self.awsEc2Instance = awsEc2Instance
            self.awsEc2NetworkInterface = awsEc2NetworkInterface
            self.awsEc2SecurityGroup = awsEc2SecurityGroup
            self.awsEc2Volume = awsEc2Volume
            self.awsEc2Vpc = awsEc2Vpc
            self.awsElasticsearchDomain = awsElasticsearchDomain
            self.awsElbLoadBalancer = awsElbLoadBalancer
            self.awsElbv2LoadBalancer = awsElbv2LoadBalancer
            self.awsIamAccessKey = awsIamAccessKey
            self.awsIamGroup = awsIamGroup
            self.awsIamPolicy = awsIamPolicy
            self.awsIamRole = awsIamRole
            self.awsIamUser = awsIamUser
            self.awsKmsKey = awsKmsKey
            self.awsLambdaFunction = awsLambdaFunction
            self.awsLambdaLayerVersion = awsLambdaLayerVersion
            self.awsRdsDbCluster = awsRdsDbCluster
            self.awsRdsDbClusterSnapshot = awsRdsDbClusterSnapshot
            self.awsRdsDbInstance = awsRdsDbInstance
            self.awsRdsDbSnapshot = awsRdsDbSnapshot
            self.awsRedshiftCluster = awsRedshiftCluster
            self.awsS3Bucket = awsS3Bucket
            self.awsS3Object = awsS3Object
            self.awsSecretsManagerSecret = awsSecretsManagerSecret
            self.awsSnsTopic = awsSnsTopic
            self.awsSqsQueue = awsSqsQueue
            self.awsSsmPatchCompliance = awsSsmPatchCompliance
            self.awsWafWebAcl = awsWafWebAcl
            self.container = container
            self.other = other
        }

        public func validate(name: String) throws {
            try self.awsApiGatewayRestApi?.validate(name: "\(name).awsApiGatewayRestApi")
            try self.awsApiGatewayStage?.validate(name: "\(name).awsApiGatewayStage")
            try self.awsApiGatewayV2Api?.validate(name: "\(name).awsApiGatewayV2Api")
            try self.awsApiGatewayV2Stage?.validate(name: "\(name).awsApiGatewayV2Stage")
            try self.awsAutoScalingAutoScalingGroup?.validate(name: "\(name).awsAutoScalingAutoScalingGroup")
            try self.awsCertificateManagerCertificate?.validate(name: "\(name).awsCertificateManagerCertificate")
            try self.awsCloudFrontDistribution?.validate(name: "\(name).awsCloudFrontDistribution")
            try self.awsCloudTrailTrail?.validate(name: "\(name).awsCloudTrailTrail")
            try self.awsCodeBuildProject?.validate(name: "\(name).awsCodeBuildProject")
            try self.awsDynamoDbTable?.validate(name: "\(name).awsDynamoDbTable")
            try self.awsEc2Eip?.validate(name: "\(name).awsEc2Eip")
            try self.awsEc2Instance?.validate(name: "\(name).awsEc2Instance")
            try self.awsEc2NetworkInterface?.validate(name: "\(name).awsEc2NetworkInterface")
            try self.awsEc2SecurityGroup?.validate(name: "\(name).awsEc2SecurityGroup")
            try self.awsEc2Volume?.validate(name: "\(name).awsEc2Volume")
            try self.awsEc2Vpc?.validate(name: "\(name).awsEc2Vpc")
            try self.awsElasticsearchDomain?.validate(name: "\(name).awsElasticsearchDomain")
            try self.awsElbLoadBalancer?.validate(name: "\(name).awsElbLoadBalancer")
            try self.awsElbv2LoadBalancer?.validate(name: "\(name).awsElbv2LoadBalancer")
            try self.awsIamAccessKey?.validate(name: "\(name).awsIamAccessKey")
            try self.awsIamGroup?.validate(name: "\(name).awsIamGroup")
            try self.awsIamPolicy?.validate(name: "\(name).awsIamPolicy")
            try self.awsIamRole?.validate(name: "\(name).awsIamRole")
            try self.awsIamUser?.validate(name: "\(name).awsIamUser")
            try self.awsKmsKey?.validate(name: "\(name).awsKmsKey")
            try self.awsLambdaFunction?.validate(name: "\(name).awsLambdaFunction")
            try self.awsLambdaLayerVersion?.validate(name: "\(name).awsLambdaLayerVersion")
            try self.awsRdsDbCluster?.validate(name: "\(name).awsRdsDbCluster")
            try self.awsRdsDbClusterSnapshot?.validate(name: "\(name).awsRdsDbClusterSnapshot")
            try self.awsRdsDbInstance?.validate(name: "\(name).awsRdsDbInstance")
            try self.awsRdsDbSnapshot?.validate(name: "\(name).awsRdsDbSnapshot")
            try self.awsRedshiftCluster?.validate(name: "\(name).awsRedshiftCluster")
            try self.awsS3Bucket?.validate(name: "\(name).awsS3Bucket")
            try self.awsS3Object?.validate(name: "\(name).awsS3Object")
            try self.awsSecretsManagerSecret?.validate(name: "\(name).awsSecretsManagerSecret")
            try self.awsSnsTopic?.validate(name: "\(name).awsSnsTopic")
            try self.awsSqsQueue?.validate(name: "\(name).awsSqsQueue")
            try self.awsSsmPatchCompliance?.validate(name: "\(name).awsSsmPatchCompliance")
            try self.awsWafWebAcl?.validate(name: "\(name).awsWafWebAcl")
            try self.container?.validate(name: "\(name).container")
            try self.other?.forEach {
                try validate($0.key, name: "other.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "other[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case awsApiGatewayRestApi = "AwsApiGatewayRestApi"
            case awsApiGatewayStage = "AwsApiGatewayStage"
            case awsApiGatewayV2Api = "AwsApiGatewayV2Api"
            case awsApiGatewayV2Stage = "AwsApiGatewayV2Stage"
            case awsAutoScalingAutoScalingGroup = "AwsAutoScalingAutoScalingGroup"
            case awsCertificateManagerCertificate = "AwsCertificateManagerCertificate"
            case awsCloudFrontDistribution = "AwsCloudFrontDistribution"
            case awsCloudTrailTrail = "AwsCloudTrailTrail"
            case awsCodeBuildProject = "AwsCodeBuildProject"
            case awsDynamoDbTable = "AwsDynamoDbTable"
            case awsEc2Eip = "AwsEc2Eip"
            case awsEc2Instance = "AwsEc2Instance"
            case awsEc2NetworkInterface = "AwsEc2NetworkInterface"
            case awsEc2SecurityGroup = "AwsEc2SecurityGroup"
            case awsEc2Volume = "AwsEc2Volume"
            case awsEc2Vpc = "AwsEc2Vpc"
            case awsElasticsearchDomain = "AwsElasticsearchDomain"
            case awsElbLoadBalancer = "AwsElbLoadBalancer"
            case awsElbv2LoadBalancer = "AwsElbv2LoadBalancer"
            case awsIamAccessKey = "AwsIamAccessKey"
            case awsIamGroup = "AwsIamGroup"
            case awsIamPolicy = "AwsIamPolicy"
            case awsIamRole = "AwsIamRole"
            case awsIamUser = "AwsIamUser"
            case awsKmsKey = "AwsKmsKey"
            case awsLambdaFunction = "AwsLambdaFunction"
            case awsLambdaLayerVersion = "AwsLambdaLayerVersion"
            case awsRdsDbCluster = "AwsRdsDbCluster"
            case awsRdsDbClusterSnapshot = "AwsRdsDbClusterSnapshot"
            case awsRdsDbInstance = "AwsRdsDbInstance"
            case awsRdsDbSnapshot = "AwsRdsDbSnapshot"
            case awsRedshiftCluster = "AwsRedshiftCluster"
            case awsS3Bucket = "AwsS3Bucket"
            case awsS3Object = "AwsS3Object"
            case awsSecretsManagerSecret = "AwsSecretsManagerSecret"
            case awsSnsTopic = "AwsSnsTopic"
            case awsSqsQueue = "AwsSqsQueue"
            case awsSsmPatchCompliance = "AwsSsmPatchCompliance"
            case awsWafWebAcl = "AwsWafWebAcl"
            case container = "Container"
            case other = "Other"
        }
    }

    public struct Result: AWSDecodableShape {
        /// An AWS account ID of the account that was not processed.
        public let accountId: String?
        /// The reason that the account was not processed.
        public let processingResult: String?

        public init(accountId: String? = nil, processingResult: String? = nil) {
            self.accountId = accountId
            self.processingResult = processingResult
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case processingResult = "ProcessingResult"
        }
    }

    public struct Severity: AWSEncodableShape & AWSDecodableShape {
        /// The severity value of the finding. The allowed values are the following.    INFORMATIONAL - No issue was found.    LOW - The issue does not require action on its own.    MEDIUM - The issue must be addressed but not urgently.    HIGH - The issue must be addressed as a priority.    CRITICAL - The issue must be remediated immediately to avoid it escalating.   If you provide Normalized and do not provide Label, then Label is set automatically as follows.    0 - INFORMATIONAL    1–39 - LOW    40–69 - MEDIUM    70–89 - HIGH    90–100 - CRITICAL
        public let label: SeverityLabel?
        /// Deprecated. The normalized severity of a finding. This attribute is being deprecated. Instead of providing Normalized, provide Label. If you provide Label and do not provide Normalized, then Normalized is set automatically as follows.    INFORMATIONAL - 0    LOW - 1    MEDIUM - 40    HIGH - 70    CRITICAL - 90
        public let normalized: Int?
        /// The native severity from the finding product that generated the finding.
        public let original: String?
        /// Deprecated. This attribute is being deprecated. Instead of providing Product, provide Original. The native severity as defined by the AWS service or integrated partner product that generated the finding.
        public let product: Double?

        public init(label: SeverityLabel? = nil, normalized: Int? = nil, original: String? = nil, product: Double? = nil) {
            self.label = label
            self.normalized = normalized
            self.original = original
            self.product = product
        }

        public func validate(name: String) throws {
            try self.validate(self.original, name: "original", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case label = "Label"
            case normalized = "Normalized"
            case original = "Original"
            case product = "Product"
        }
    }

    public struct SeverityUpdate: AWSEncodableShape {
        /// The severity value of the finding. The allowed values are the following.    INFORMATIONAL - No issue was found.    LOW - The issue does not require action on its own.    MEDIUM - The issue must be addressed but not urgently.    HIGH - The issue must be addressed as a priority.    CRITICAL - The issue must be remediated immediately to avoid it escalating.
        public let label: SeverityLabel?
        /// The normalized severity for the finding. This attribute is to be deprecated in favor of Label. If you provide Normalized and do not provide Label, Label is set automatically as follows.   0 - INFORMATIONAL    1–39 - LOW    40–69 - MEDIUM    70–89 - HIGH    90–100 - CRITICAL
        public let normalized: Int?
        /// The native severity as defined by the AWS service or integrated partner product that generated the finding.
        public let product: Double?

        public init(label: SeverityLabel? = nil, normalized: Int? = nil, product: Double? = nil) {
            self.label = label
            self.normalized = normalized
            self.product = product
        }

        public func validate(name: String) throws {
            try self.validate(self.normalized, name: "normalized", parent: name, max: 100)
            try self.validate(self.normalized, name: "normalized", parent: name, min: 0)
        }

        private enum CodingKeys: String, CodingKey {
            case label = "Label"
            case normalized = "Normalized"
            case product = "Product"
        }
    }

    public struct SoftwarePackage: AWSEncodableShape & AWSDecodableShape {
        /// The architecture used for the software package.
        public let architecture: String?
        /// The epoch of the software package.
        public let epoch: String?
        /// The name of the software package.
        public let name: String?
        /// The release of the software package.
        public let release: String?
        /// The version of the software package.
        public let version: String?

        public init(architecture: String? = nil, epoch: String? = nil, name: String? = nil, release: String? = nil, version: String? = nil) {
            self.architecture = architecture
            self.epoch = epoch
            self.name = name
            self.release = release
            self.version = version
        }

        public func validate(name: String) throws {
            try self.validate(self.architecture, name: "architecture", parent: name, pattern: ".*\\S.*")
            try self.validate(self.epoch, name: "epoch", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.release, name: "release", parent: name, pattern: ".*\\S.*")
            try self.validate(self.version, name: "version", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case architecture = "Architecture"
            case epoch = "Epoch"
            case name = "Name"
            case release = "Release"
            case version = "Version"
        }
    }

    public struct SortCriterion: AWSEncodableShape {
        /// The finding attribute used to sort findings.
        public let field: String?
        /// The order used to sort findings.
        public let sortOrder: SortOrder?

        public init(field: String? = nil, sortOrder: SortOrder? = nil) {
            self.field = field
            self.sortOrder = sortOrder
        }

        public func validate(name: String) throws {
            try self.validate(self.field, name: "field", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case field = "Field"
            case sortOrder = "SortOrder"
        }
    }

    public struct Standard: AWSDecodableShape {
        /// A description of the standard.
        public let description: String?
        /// Whether the standard is enabled by default. When Security Hub is enabled from the console, if a standard is enabled by default, the check box for that standard is selected by default. When Security Hub is enabled using the EnableSecurityHub API operation, the standard is enabled by default unless EnableDefaultStandards is set to false.
        public let enabledByDefault: Bool?
        /// The name of the standard.
        public let name: String?
        /// The ARN of a standard.
        public let standardsArn: String?

        public init(description: String? = nil, enabledByDefault: Bool? = nil, name: String? = nil, standardsArn: String? = nil) {
            self.description = description
            self.enabledByDefault = enabledByDefault
            self.name = name
            self.standardsArn = standardsArn
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case enabledByDefault = "EnabledByDefault"
            case name = "Name"
            case standardsArn = "StandardsArn"
        }
    }

    public struct StandardsControl: AWSDecodableShape {
        /// The identifier of the security standard control.
        public let controlId: String?
        /// The current status of the security standard control. Indicates whether the control is enabled or disabled. Security Hub does not check against disabled controls.
        public let controlStatus: ControlStatus?
        /// The date and time that the status of the security standard control was most recently updated.
        @OptionalCustomCoding<ISO8601DateCoder>
        public var controlStatusUpdatedAt: Date?
        /// The longer description of the security standard control. Provides information about what the control is checking for.
        public let description: String?
        /// The reason provided for the most recent change in status for the control.
        public let disabledReason: String?
        /// The list of requirements that are related to this control.
        public let relatedRequirements: [String]?
        /// A link to remediation information for the control in the Security Hub user documentation.
        public let remediationUrl: String?
        /// The severity of findings generated from this security standard control. The finding severity is based on an assessment of how easy it would be to compromise AWS resources if the issue is detected.
        public let severityRating: SeverityRating?
        /// The ARN of the security standard control.
        public let standardsControlArn: String?
        /// The title of the security standard control.
        public let title: String?

        public init(controlId: String? = nil, controlStatus: ControlStatus? = nil, controlStatusUpdatedAt: Date? = nil, description: String? = nil, disabledReason: String? = nil, relatedRequirements: [String]? = nil, remediationUrl: String? = nil, severityRating: SeverityRating? = nil, standardsControlArn: String? = nil, title: String? = nil) {
            self.controlId = controlId
            self.controlStatus = controlStatus
            self.controlStatusUpdatedAt = controlStatusUpdatedAt
            self.description = description
            self.disabledReason = disabledReason
            self.relatedRequirements = relatedRequirements
            self.remediationUrl = remediationUrl
            self.severityRating = severityRating
            self.standardsControlArn = standardsControlArn
            self.title = title
        }

        private enum CodingKeys: String, CodingKey {
            case controlId = "ControlId"
            case controlStatus = "ControlStatus"
            case controlStatusUpdatedAt = "ControlStatusUpdatedAt"
            case description = "Description"
            case disabledReason = "DisabledReason"
            case relatedRequirements = "RelatedRequirements"
            case remediationUrl = "RemediationUrl"
            case severityRating = "SeverityRating"
            case standardsControlArn = "StandardsControlArn"
            case title = "Title"
        }
    }

    public struct StandardsSubscription: AWSDecodableShape {
        /// The ARN of a standard.
        public let standardsArn: String
        /// A key-value pair of input for the standard.
        public let standardsInput: [String: String]
        /// The status of the standard subscription. The status values are as follows:    PENDING - Standard is in the process of being enabled.    READY - Standard is enabled.    INCOMPLETE - Standard could not be enabled completely. Some controls may not be available.    DELETING - Standard is in the process of being disabled.    FAILED - Standard could not be disabled.
        public let standardsStatus: StandardsStatus
        /// The ARN of a resource that represents your subscription to a supported standard.
        public let standardsSubscriptionArn: String

        public init(standardsArn: String, standardsInput: [String: String], standardsStatus: StandardsStatus, standardsSubscriptionArn: String) {
            self.standardsArn = standardsArn
            self.standardsInput = standardsInput
            self.standardsStatus = standardsStatus
            self.standardsSubscriptionArn = standardsSubscriptionArn
        }

        private enum CodingKeys: String, CodingKey {
            case standardsArn = "StandardsArn"
            case standardsInput = "StandardsInput"
            case standardsStatus = "StandardsStatus"
            case standardsSubscriptionArn = "StandardsSubscriptionArn"
        }
    }

    public struct StandardsSubscriptionRequest: AWSEncodableShape {
        /// The ARN of the standard that you want to enable. To view the list of available standards and their ARNs, use the  DescribeStandards  operation.
        public let standardsArn: String
        /// A key-value pair of input for the standard.
        public let standardsInput: [String: String]?

        public init(standardsArn: String, standardsInput: [String: String]? = nil) {
            self.standardsArn = standardsArn
            self.standardsInput = standardsInput
        }

        public func validate(name: String) throws {
            try self.validate(self.standardsArn, name: "standardsArn", parent: name, pattern: ".*\\S.*")
            try self.standardsInput?.forEach {
                try validate($0.key, name: "standardsInput.key", parent: name, pattern: ".*\\S.*")
                try validate($0.value, name: "standardsInput[\"\($0.key)\"]", parent: name, pattern: ".*\\S.*")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case standardsArn = "StandardsArn"
            case standardsInput = "StandardsInput"
        }
    }

    public struct StatusReason: AWSEncodableShape & AWSDecodableShape {
        /// The corresponding description for the status reason code.
        public let description: String?
        /// A code that represents a reason for the control status. For the list of status reason codes and their meanings, see Standards-related information in the ASFF in the AWS Security Hub User Guide.
        public let reasonCode: String

        public init(description: String? = nil, reasonCode: String) {
            self.description = description
            self.reasonCode = reasonCode
        }

        public func validate(name: String) throws {
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.reasonCode, name: "reasonCode", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case reasonCode = "ReasonCode"
        }
    }

    public struct StringFilter: AWSEncodableShape & AWSDecodableShape {
        /// The condition to apply to a string value when querying for findings. To search for values that contain the filter criteria value, use one of the following comparison operators:   To search for values that exactly match the filter value, use EQUALS. For example, the filter ResourceType EQUALS AwsEc2SecurityGroup only matches findings that have a resource type of AwsEc2SecurityGroup.   To search for values that start with the filter value, use PREFIX. For example, the filter ResourceType PREFIX AwsIam matches findings that have a resource type that starts with AwsIam. Findings with a resource type of AwsIamPolicy, AwsIamRole, or AwsIamUser would all match.    EQUALS and PREFIX filters on the same field are joined by OR. A finding matches if it matches any one of those filters. To search for values that do not contain the filter criteria value, use one of the following comparison operators:   To search for values that do not exactly match the filter value, use NOT_EQUALS. For example, the filter ResourceType NOT_EQUALS AwsIamPolicy matches findings that have a resource type other than AwsIamPolicy.   To search for values that do not start with the filter value, use PREFIX_NOT_EQUALS. For example, the filter ResourceType PREFIX_NOT_EQUALS AwsIam matches findings that have a resource type that does not start with AwsIam. Findings with a resource type of AwsIamPolicy, AwsIamRole, or AwsIamUser would all be excluded from the results.    NOT_EQUALS and PREFIX_NOT_EQUALS filters on the same field are joined by AND. A finding matches only if it matches all of those filters. For filters on the same field, you cannot provide both an EQUALS filter and a NOT_EQUALS or PREFIX_NOT_EQUALS filter. Combining filters in this way always returns an error, even if the provided filter values would return valid results. You can combine PREFIX filters with NOT_EQUALS or PREFIX_NOT_EQUALS filters for the same field. Security Hub first processes the PREFIX filters, then the NOT_EQUALS or PREFIX_NOT_EQUALS filters.  For example, for the following filter, Security Hub first identifies findings that have resource types that start with either AwsIAM or AwsEc2. It then excludes findings that have a resource type of AwsIamPolicy and findings that have a resource type of AwsEc2NetworkInterface.    ResourceType PREFIX AwsIam     ResourceType PREFIX AwsEc2     ResourceType NOT_EQUALS AwsIamPolicy     ResourceType NOT_EQUALS AwsEc2NetworkInterface
        public let comparison: StringFilterComparison?
        /// The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is Security Hub. If you provide security hub as the filter text, then there is no match.
        public let value: String?

        public init(comparison: StringFilterComparison? = nil, value: String? = nil) {
            self.comparison = comparison
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.value, name: "value", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case comparison = "Comparison"
            case value = "Value"
        }
    }

    public struct TagResourceRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "resourceArn", location: .uri(locationName: "ResourceArn"))
        ]

        /// The ARN of the resource to apply the tags to.
        public let resourceArn: String
        /// The tags to add to the resource.
        public let tags: [String: String]

        public init(resourceArn: String, tags: [String: String]) {
            self.resourceArn = resourceArn
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, pattern: "^arn:aws:securityhub:.*")
            try self.tags.forEach {
                try validate($0.key, name: "tags.key", parent: name, max: 128)
                try validate($0.key, name: "tags.key", parent: name, min: 1)
                try validate($0.key, name: "tags.key", parent: name, pattern: "^(?!aws:)[a-zA-Z+-=._:/]+$")
                try validate($0.value, name: "tags[\"\($0.key)\"]", parent: name, max: 256)
            }
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct TagResourceResponse: AWSDecodableShape {
        public init() {}
    }

    public struct ThreatIntelIndicator: AWSEncodableShape & AWSDecodableShape {
        /// The category of a threat intelligence indicator.
        public let category: ThreatIntelIndicatorCategory?
        /// Indicates when the most recent instance of a threat intelligence indicator was observed. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let lastObservedAt: String?
        /// The source of the threat intelligence indicator.
        public let source: String?
        /// The URL to the page or site where you can get more information about the threat intelligence indicator.
        public let sourceUrl: String?
        /// The type of threat intelligence indicator.
        public let type: ThreatIntelIndicatorType?
        /// The value of a threat intelligence indicator.
        public let value: String?

        public init(category: ThreatIntelIndicatorCategory? = nil, lastObservedAt: String? = nil, source: String? = nil, sourceUrl: String? = nil, type: ThreatIntelIndicatorType? = nil, value: String? = nil) {
            self.category = category
            self.lastObservedAt = lastObservedAt
            self.source = source
            self.sourceUrl = sourceUrl
            self.type = type
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.lastObservedAt, name: "lastObservedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.source, name: "source", parent: name, pattern: ".*\\S.*")
            try self.validate(self.sourceUrl, name: "sourceUrl", parent: name, pattern: ".*\\S.*")
            try self.validate(self.value, name: "value", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case category = "Category"
            case lastObservedAt = "LastObservedAt"
            case source = "Source"
            case sourceUrl = "SourceUrl"
            case type = "Type"
            case value = "Value"
        }
    }

    public struct UntagResourceRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "resourceArn", location: .uri(locationName: "ResourceArn")),
            AWSMemberEncoding(label: "tagKeys", location: .querystring(locationName: "tagKeys"))
        ]

        /// The ARN of the resource to remove the tags from.
        public let resourceArn: String
        /// The tag keys associated with the tags to remove from the resource.
        public let tagKeys: [String]

        public init(resourceArn: String, tagKeys: [String]) {
            self.resourceArn = resourceArn
            self.tagKeys = tagKeys
        }

        public func validate(name: String) throws {
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, pattern: "^arn:aws:securityhub:.*")
            try self.tagKeys.forEach {
                try validate($0, name: "tagKeys[]", parent: name, max: 128)
                try validate($0, name: "tagKeys[]", parent: name, min: 1)
                try validate($0, name: "tagKeys[]", parent: name, pattern: "^(?!aws:)[a-zA-Z+-=._:/]+$")
            }
            try self.validate(self.tagKeys, name: "tagKeys", parent: name, max: 50)
            try self.validate(self.tagKeys, name: "tagKeys", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct UntagResourceResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateActionTargetRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "actionTargetArn", location: .uri(locationName: "ActionTargetArn"))
        ]

        /// The ARN of the custom action target to update.
        public let actionTargetArn: String
        /// The updated description for the custom action target.
        public let description: String?
        /// The updated name of the custom action target.
        public let name: String?

        public init(actionTargetArn: String, description: String? = nil, name: String? = nil) {
            self.actionTargetArn = actionTargetArn
            self.description = description
            self.name = name
        }

        public func validate(name: String) throws {
            try self.validate(self.actionTargetArn, name: "actionTargetArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.description, name: "description", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case name = "Name"
        }
    }

    public struct UpdateActionTargetResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateFindingsRequest: AWSEncodableShape {
        /// A collection of attributes that specify which findings you want to update.
        public let filters: AwsSecurityFindingFilters
        /// The updated note for the finding.
        public let note: NoteUpdate?
        /// The updated record state for the finding.
        public let recordState: RecordState?

        public init(filters: AwsSecurityFindingFilters, note: NoteUpdate? = nil, recordState: RecordState? = nil) {
            self.filters = filters
            self.note = note
            self.recordState = recordState
        }

        public func validate(name: String) throws {
            try self.filters.validate(name: "\(name).filters")
            try self.note?.validate(name: "\(name).note")
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case note = "Note"
            case recordState = "RecordState"
        }
    }

    public struct UpdateFindingsResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateInsightRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "insightArn", location: .uri(locationName: "InsightArn"))
        ]

        /// The updated filters that define this insight.
        public let filters: AwsSecurityFindingFilters?
        /// The updated GroupBy attribute that defines this insight.
        public let groupByAttribute: String?
        /// The ARN of the insight that you want to update.
        public let insightArn: String
        /// The updated name for the insight.
        public let name: String?

        public init(filters: AwsSecurityFindingFilters? = nil, groupByAttribute: String? = nil, insightArn: String, name: String? = nil) {
            self.filters = filters
            self.groupByAttribute = groupByAttribute
            self.insightArn = insightArn
            self.name = name
        }

        public func validate(name: String) throws {
            try self.filters?.validate(name: "\(name).filters")
            try self.validate(self.groupByAttribute, name: "groupByAttribute", parent: name, pattern: ".*\\S.*")
            try self.validate(self.insightArn, name: "insightArn", parent: name, pattern: ".*\\S.*")
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case filters = "Filters"
            case groupByAttribute = "GroupByAttribute"
            case name = "Name"
        }
    }

    public struct UpdateInsightResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateOrganizationConfigurationRequest: AWSEncodableShape {
        /// Whether to automatically enable Security Hub for new accounts in the organization. By default, this is false, and new accounts are not added automatically. To automatically enable Security Hub for new accounts, set this to true.
        public let autoEnable: Bool

        public init(autoEnable: Bool) {
            self.autoEnable = autoEnable
        }

        private enum CodingKeys: String, CodingKey {
            case autoEnable = "AutoEnable"
        }
    }

    public struct UpdateOrganizationConfigurationResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateSecurityHubConfigurationRequest: AWSEncodableShape {
        /// Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.
        public let autoEnableControls: Bool?

        public init(autoEnableControls: Bool? = nil) {
            self.autoEnableControls = autoEnableControls
        }

        private enum CodingKeys: String, CodingKey {
            case autoEnableControls = "AutoEnableControls"
        }
    }

    public struct UpdateSecurityHubConfigurationResponse: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateStandardsControlRequest: AWSEncodableShape {
        public static var _encoding = [
            AWSMemberEncoding(label: "standardsControlArn", location: .uri(locationName: "StandardsControlArn"))
        ]

        /// The updated status of the security standard control.
        public let controlStatus: ControlStatus?
        /// A description of the reason why you are disabling a security standard control. If you are disabling a control, then this is required.
        public let disabledReason: String?
        /// The ARN of the security standard control to enable or disable.
        public let standardsControlArn: String

        public init(controlStatus: ControlStatus? = nil, disabledReason: String? = nil, standardsControlArn: String) {
            self.controlStatus = controlStatus
            self.disabledReason = disabledReason
            self.standardsControlArn = standardsControlArn
        }

        public func validate(name: String) throws {
            try self.validate(self.disabledReason, name: "disabledReason", parent: name, pattern: ".*\\S.*")
            try self.validate(self.standardsControlArn, name: "standardsControlArn", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case controlStatus = "ControlStatus"
            case disabledReason = "DisabledReason"
        }
    }

    public struct UpdateStandardsControlResponse: AWSDecodableShape {
        public init() {}
    }

    public struct Vulnerability: AWSEncodableShape & AWSDecodableShape {
        /// CVSS scores from the advisory related to the vulnerability.
        public let cvss: [Cvss]?
        /// The identifier of the vulnerability.
        public let id: String
        /// A list of URLs that provide additional information about the vulnerability.
        public let referenceUrls: [String]?
        /// List of vulnerabilities that are related to this vulnerability.
        public let relatedVulnerabilities: [String]?
        /// Information about the vendor that generates the vulnerability report.
        public let vendor: VulnerabilityVendor?
        /// List of software packages that have the vulnerability.
        public let vulnerablePackages: [SoftwarePackage]?

        public init(cvss: [Cvss]? = nil, id: String, referenceUrls: [String]? = nil, relatedVulnerabilities: [String]? = nil, vendor: VulnerabilityVendor? = nil, vulnerablePackages: [SoftwarePackage]? = nil) {
            self.cvss = cvss
            self.id = id
            self.referenceUrls = referenceUrls
            self.relatedVulnerabilities = relatedVulnerabilities
            self.vendor = vendor
            self.vulnerablePackages = vulnerablePackages
        }

        public func validate(name: String) throws {
            try self.cvss?.forEach {
                try $0.validate(name: "\(name).cvss[]")
            }
            try self.validate(self.id, name: "id", parent: name, pattern: ".*\\S.*")
            try self.referenceUrls?.forEach {
                try validate($0, name: "referenceUrls[]", parent: name, pattern: ".*\\S.*")
            }
            try self.relatedVulnerabilities?.forEach {
                try validate($0, name: "relatedVulnerabilities[]", parent: name, pattern: ".*\\S.*")
            }
            try self.vendor?.validate(name: "\(name).vendor")
            try self.vulnerablePackages?.forEach {
                try $0.validate(name: "\(name).vulnerablePackages[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case cvss = "Cvss"
            case id = "Id"
            case referenceUrls = "ReferenceUrls"
            case relatedVulnerabilities = "RelatedVulnerabilities"
            case vendor = "Vendor"
            case vulnerablePackages = "VulnerablePackages"
        }
    }

    public struct VulnerabilityVendor: AWSEncodableShape & AWSDecodableShape {
        /// The name of the vendor.
        public let name: String
        /// The URL of the vulnerability advisory.
        public let url: String?
        /// Indicates when the vulnerability advisory was created. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let vendorCreatedAt: String?
        /// The severity that the vendor assigned to the vulnerability.
        public let vendorSeverity: String?
        /// Indicates when the vulnerability advisory was last updated. Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
        public let vendorUpdatedAt: String?

        public init(name: String, url: String? = nil, vendorCreatedAt: String? = nil, vendorSeverity: String? = nil, vendorUpdatedAt: String? = nil) {
            self.name = name
            self.url = url
            self.vendorCreatedAt = vendorCreatedAt
            self.vendorSeverity = vendorSeverity
            self.vendorUpdatedAt = vendorUpdatedAt
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, pattern: ".*\\S.*")
            try self.validate(self.url, name: "url", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vendorCreatedAt, name: "vendorCreatedAt", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vendorSeverity, name: "vendorSeverity", parent: name, pattern: ".*\\S.*")
            try self.validate(self.vendorUpdatedAt, name: "vendorUpdatedAt", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case url = "Url"
            case vendorCreatedAt = "VendorCreatedAt"
            case vendorSeverity = "VendorSeverity"
            case vendorUpdatedAt = "VendorUpdatedAt"
        }
    }

    public struct WafAction: AWSEncodableShape & AWSDecodableShape {
        /// Specifies how you want AWS WAF to respond to requests that match the settings in a rule. Valid settings include the following:    ALLOW - AWS WAF allows requests    BLOCK - AWS WAF blocks requests    COUNT - AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify COUNT for the default action for a WebACL.
        public let type: String?

        public init(type: String? = nil) {
            self.type = type
        }

        public func validate(name: String) throws {
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case type = "Type"
        }
    }

    public struct WafExcludedRule: AWSEncodableShape & AWSDecodableShape {
        /// The unique identifier for the rule to exclude from the rule group.
        public let ruleId: String?

        public init(ruleId: String? = nil) {
            self.ruleId = ruleId
        }

        public func validate(name: String) throws {
            try self.validate(self.ruleId, name: "ruleId", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case ruleId = "RuleId"
        }
    }

    public struct WafOverrideAction: AWSEncodableShape & AWSDecodableShape {
        ///  COUNT overrides the action specified by the individual rule within a RuleGroup . If set to NONE, the rule's action takes place.
        public let type: String?

        public init(type: String? = nil) {
            self.type = type
        }

        public func validate(name: String) throws {
            try self.validate(self.type, name: "type", parent: name, pattern: ".*\\S.*")
        }

        private enum CodingKeys: String, CodingKey {
            case type = "Type"
        }
    }

    public struct Workflow: AWSEncodableShape & AWSDecodableShape {
        /// The status of the investigation into the finding. The allowed values are the following.    NEW - The initial state of a finding, before it is reviewed. Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:    RecordState changes from ARCHIVED to ACTIVE.    ComplianceStatus changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.      NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.    SUPPRESSED - The finding will not be reviewed again and will not be acted upon.    RESOLVED - The finding was reviewed and remediated and is now considered resolved.
        public let status: WorkflowStatus?

        public init(status: WorkflowStatus? = nil) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }

    public struct WorkflowUpdate: AWSEncodableShape {
        /// The status of the investigation into the finding. The allowed values are the following.    NEW - The initial state of a finding, before it is reviewed. Security Hub also resets WorkFlowStatus from NOTIFIED or RESOLVED to NEW in the following cases:   The record state changes from ARCHIVED to ACTIVE.   The compliance status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.      NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.    RESOLVED - The finding was reviewed and remediated and is now considered resolved.    SUPPRESSED - The finding will not be reviewed again and will not be acted upon.
        public let status: WorkflowStatus?

        public init(status: WorkflowStatus? = nil) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }
}
